[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2013143281A1 - One-time password operating method - Google Patents

One-time password operating method Download PDF

Info

Publication number
WO2013143281A1
WO2013143281A1 PCT/CN2012/083828 CN2012083828W WO2013143281A1 WO 2013143281 A1 WO2013143281 A1 WO 2013143281A1 CN 2012083828 W CN2012083828 W CN 2012083828W WO 2013143281 A1 WO2013143281 A1 WO 2013143281A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
password
flag
power
preset value
Prior art date
Application number
PCT/CN2012/083828
Other languages
French (fr)
Chinese (zh)
Inventor
陆舟
于华章
Original Assignee
飞天诚信科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 飞天诚信科技股份有限公司 filed Critical 飞天诚信科技股份有限公司
Priority to US14/233,245 priority Critical patent/US9413752B2/en
Publication of WO2013143281A1 publication Critical patent/WO2013143281A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • H04L67/5682Policies or rules for updating, deleting or replacing the stored data

Definitions

  • the present invention relates to the field of information security, and in particular, to a method for working with a dynamic token.
  • a One-time Password is a safe and convenient account anti-theft technology, and generates an unpredictable random number combination according to a special algorithm, and each password can be used only once.
  • OTP One-time Password
  • the user When the user authenticates, in addition to entering the account number and static password, the user must be required to input a dynamic password. Only through system verification can the user log in or trade normally, thus effectively ensuring the legality and uniqueness of the user identity.
  • the biggest advantage of dynamic tokens is that the passwords used by users are different each time, making it impossible for criminals to fake the identity of legitimate users.
  • Dynamic password authentication technology is considered to be one of the most effective ways to solve user identity authentication. It can effectively prevent multiple network problems such as hacker Trojans stealing user account passwords and fake websites, resulting in loss of user property or data loss.
  • the present invention proposes a working method of dynamic tokens.
  • a method for working on a dynamic token characterized in that, when the dynamic token is checked After detecting that the button flag is set, it includes:
  • Step A Clear the button mark, scan the button, determine the type of the pressed button, if it is the power button, execute step B, if it is the delete button, perform step D, if it is any of the first number key group Press the button to execute step E, if it is any button in the second number key group, execute step F, if it is the confirmation button, execute step G;
  • Step B checking the boot flag, when the boot flag is set, resetting the boot flag, 3 ⁇ 4A sleep state; when the boot flag is not set, the boot flag is set, Perform step C;
  • Step C checking the lock flag, if the lock flag is set, setting the status flag to the first preset value, performing step L; if the lock flag is not set, the status flag is set For the second preset value, performing step L;
  • Step D checking the boot flag, when the boot flag is set, deleting one unit data at the end of the data buffer, displaying the corresponding number, performing step L; when the boot flag is not set Sleep state
  • Step E checking the boot flag, when the boot flag is set, saving corresponding data to the data buffer, and displaying corresponding numbers, performing step L; when the boot flag is not set When entering the sleep state;
  • Step F checking the boot flag
  • step L when the power-on flag is set and the state identifier is a third preset value, determining whether the pressed button is continuously pressed for more than a preset duration, and then the state is The flag is set to the fifth preset value, and step L is performed, otherwise step L is directly executed;
  • Step G checking the boot flag
  • step H When the power-on flag is set, the status identifier is checked, if the status identifier is the first preset value, step H is performed, and if the second preset value is the second step, step I is performed. The third preset value is performed in step J, and if it is the fifth preset value, step K is performed; [0018] when the boot flag is not set, the sleep state;
  • Step H calculating an unlock code verification code, and determining whether the data in the data buffer is consistent with the calculated unlock code verification code, and resetting the lock flag, and setting the status identifier to The fifth preset value, clear the data in the data buffer, perform step L; otherwise clear the data in the data buffer, return to step C;
  • Step I determining whether the data in the data buffer is consistent with the power-on password currently stored in the dynamic token, and then setting the status identifier to a third preset value, and clearing the data cache.
  • the data in the area, step L is performed; otherwise, the data in the data buffer is cleared, the lock flag is set, and the process returns to step C;
  • Step J Calculate the generated dynamic password, display the content corresponding to the dynamic password, perform step L;
  • Step K determining whether the data in the data buffer area meets a preset condition, and replacing the power-on password currently stored in the dynamic token with the data in the data buffer area, and clearing the data cache.
  • the data in the area, the state identifier is set to a third preset value, step L is performed; otherwise, the data in the data buffer area is cleared, and step L is performed;
  • Step L determining whether the button flag is set to be set within a predetermined time, and then returning to step A; otherwise, resetting the power-on flag to enter a sleep state.
  • a method for operating a dynamic token comprising: after the dynamic token detects that a button flag is set, the method includes:
  • Step a clear the button mark, the scan button, determine the type of the pressed button, if it is the power button, perform step b, if it is the delete button, perform step d, if it is any of the first number key group Press the button to execute step e, if it is any button in the second number key group, execute step f, if it is the confirmation button, execute step g;
  • Step b checking the boot flag, when the boot flag is set, resetting the boot flag to a sleep state; when the boot flag is not set, setting the boot flag to execute Step c;
  • Step c checking the lock flag, if the lock flag is set, setting the status flag to the first preset value, performing step 1; if the lock flag is not set, the status flag is set For the second preset value, perform step 1;
  • Step d checking the opening, when the boot flag is set, checking the status identifier, deleting a unit data at the end of the corresponding buffer area, displaying the corresponding number, performing step 1;
  • the sleep state When the ambition is not set, the sleep state;
  • Step e checking the boot flag, when the boot flag is set, checking the status identifier, saving the corresponding data to the corresponding buffer area, and displaying the corresponding number, performing step 1; when the boot flag is not When set, the sleep state;
  • Step f checking the boot flag
  • step 1 when the power-on flag is set and the state identifier is a third preset value, determining whether the pressed button is continuously pressed for more than a preset duration, and then the state is The flag is set to the fifth preset value, and step 1 is performed; otherwise, step 1 is directly performed;
  • step 1 When the power-on flag is set and the state identifier is not the third preset value, check the status identifier, save the corresponding data to the corresponding buffer area, and display the corresponding number, perform step 1;
  • Step g checking the boot flag
  • step h When the power-on flag is set, the status identifier is checked, if the status identifier is the first preset value, step h is performed, and if the second preset value is the second step, step i is performed.
  • the third preset value performs step j, and if it is the fifth preset value, step k is performed;
  • Step h calculating an unlock code verification code, and determining whether the data in the unlock code data buffer is consistent with the calculated unlock code verification code, and then resetting the lock flag, and setting the status flag For the fifth preset value, clear the data in the unlock code buffer, perform step 1; otherwise, clear the data in the unlock code buffer, and return to step c;
  • Step i determining data in the power-on password buffer area and the dynamic token inside Whether the previously stored power-on passwords are consistent, the state identifier is set to a third preset value, and the data in the power-on password buffer area is cleared, and step 1 is performed; otherwise, the data in the power-on password buffer area is cleared. Setting the lock flag, returning to step c;
  • Step j Calculate the generated dynamic password, display the content corresponding to the dynamic password, perform step 1;
  • Step k determining whether the data in the new power-on password buffer area meets the preset value, and then replacing the power-on password currently stored in the dynamic token with the data in the new power-on password buffer area, and clearing the The data in the new power-on password buffer area is set to the third preset value, and step 1 is performed; otherwise, the data in the new power-on password buffer area is cleared, and step 1 is performed;
  • Step 1 It is determined whether the button flag is detected to be set within a predetermined time, and then returns to step A; otherwise, the power-on flag is reset to enter a sleep state.
  • the invention has the beneficial effects that: the dynamic token can be effectively prevented from being stolen, the loss of the dynamic token is prevented or the user is lost after the seed is lost, and the probability of success of the group is reduced.
  • Embodiment 1 is a flow chart of a method for working on a dynamic token according to Embodiment 2 of the present invention
  • FIG. 2 is a flow chart of steps 102 to 117 of FIG. 1;
  • FIG. 3 is a flow chart of steps 118 to 126 of FIG. 1;
  • FIG. 4 is a flow chart of steps 127 to 138 of FIG. 1;
  • the embodiment of the present invention provides a working method of the dynamic token, where the dynamic token is usually In the sleep state, when a button is pressed, it is woken up, the button flag is set, when the power button is continuously pressed for more than the preset duration, or when there is no button input within a predetermined time, the sleep state is re-entered, and at the same time The status ID is restored to the default value, the current available password retries is saved, and the current status of the lock flag is saved.
  • the dynamic token when detecting that the button flag is set, and the dynamic token is not initialized, the dynamic token detects whether the liquid crystal screen and the keyboard are available according to the type of the pressed button;
  • the dynamic token When it is detected that the button flag is set and the dynamic token has been initialized, the dynamic token performs the following operations:
  • Step S1 Clear the button flag, scan the button, and determine the type of the pressed button. If the power button is used, step S2 is performed. If the button is deleted, step S4 is performed, if any is in the first number key group. Press the key to execute step S5, if it is any of the second number key group, step S6 is performed; if it is the confirmation key, step S9 is performed;
  • the button may be a button, a touch button, a micro switch, a photoelectric switch, an inductive switch, or the like;
  • the power button, the delete button, and the confirmation button may be independent buttons, or may share the same button, or may be any button in the first number button group: [0058]
  • the power key is any of the first digital key groups
  • it is determined whether it is the first Preset button is to determine whether the time when the button is pressed exceeds the preset duration, and when the preset duration is exceeded, step S2 is performed, when the preset duration is not exceeded, step S5 is performed; otherwise, step S5 is performed;
  • step S when it is determined that the pressed ⁇ is any change in the first numeric key group, it is determined whether it is the second preset. Pressing the button, determining whether the time when the button is pressed exceeds the preset duration, and executing step S4 when the preset duration is exceeded, and performing step S5 when the preset duration is not exceeded; otherwise, performing step S5;
  • step S9 when it is determined that any of the first numeric key groups is pressed, it is determined whether it is the third preset key, Then, it is determined whether the time when the button is pressed exceeds the preset duration, and when the preset duration is exceeded, step S9 is performed, when the preset duration is not exceeded, step S5 is performed; otherwise, step S5 is performed;
  • step S2 when it is judged that the length is long, step S2 is performed, otherwise step S4 is performed; ', '
  • step S2 when it is determined that the pressed key is the confirmation key, it is determined whether the time when the key is pressed exceeds the preset duration, if yes, step S2 is performed. Otherwise, step S9 is performed;
  • step S4 when it is judged that the length is long, step S4 is performed, otherwise step S9 is performed. ' , '
  • the ⁇ flag is set, and when the token detects that the ⁇ flag is set, the ⁇ debounce processing is further included. Specifically, when it is detected that the time when the M is pressed exceeds the preset time after detecting the flag is set, step S1 is performed, otherwise the button flag is cleared, the sleep state is continued, and the waiting button flag is set, wherein the detection is performed.
  • the preset time is 20 ⁇ seconds;
  • the key circuit debounce processing can also be implemented by using a hardware circuit, which can be specifically implemented according to the characteristics of the RS trigger.
  • Step S2 checking the boot flag, when the boot flag is set, resetting the boot flag, the sleep state, and performing step S1 after re-detecting that the ⁇ flag is set; When the boot flag is not set, the open flag is set, and the next step is performed in sequence;
  • Step S3 checking the lock flag, when the lock flag is set, displaying information indicating that the dynamic token is locked, setting the status identifier to the first preset value, displaying information prompting to input the unlock code, and executing Step S15; when the lock flag is not set, the state identifier is set to a second preset value, displaying information prompting to input a power-on password, step S15;
  • Step S4 checking the boot flag, when the boot flag is set, deleting one unit data at the end of the data buffer area, displaying the corresponding number, performing step S15, if there is no data in the data buffer area, Then directly executing step S15; when the power-on flag is not set, enter a sleep state, when it is re-detected that the button flag is set, step S1 is performed;
  • a unit data is used to represent a number, and the unit data is encoded or uncoded;
  • the displaying the corresponding number specifically includes: displaying a number corresponding to all the unit data in the data buffer, and displaying the corresponding number as the data plaintext or the symbol "-" or displaying the fixed time data in plain text and then using the symbol "-
  • the display mode is selected according to the current value of the status identifiers.
  • Step S5 checking the boot flag, when the boot flag is set, saving corresponding data to the data buffer area, and displaying corresponding numbers, performing step S15; when the boot flag is not set, a sleep state, when it is re-detected that the flag is set, step S1 is performed;
  • the saving the corresponding data to the data buffer area specifically includes: determining, according to the status identifier, whether the number of unit data in the data buffer area has exceeded a preset number, and saving the first or last preset Unit data of the number, otherwise save all unit data.
  • Step S6 checking the boot flag, when the boot flag is set, sequentially performing the next step, when the boot flag is not set, entering a sleep state, when the button flag is detected again After being set, step S1 is performed;
  • Step S7 Check the status identifier, when the status identifier is the third preset value, the next step is performed sequentially, otherwise the corresponding data is saved to the data buffer area, and the corresponding number is displayed, and step S15 is performed;
  • Step S8 determining whether the time when the button is continuously pressed exceeds a preset duration, if yes, setting the status identifier to a fifth preset value, displaying a message prompting to reset the power-on password, and executing step S15 Otherwise, step S15 is directly executed;
  • Step S9 checking the boot flag, when the boot flag is set, sequentially performing the next step, when the boot flag is not set, entering a sleep state, when the button flag is detected again After being set, step S1 is performed;
  • Step S10 Check the status identifier, when the status identifier is the first preset value, perform step S11, and when the status identifier is the second preset value, perform step S12, when the status identifier is Step S13 is performed when the third preset value is performed, and step S14 is performed when the status identifier is the fifth preset value;
  • Step S11 Calculate and generate an unlock code verification code, and determine whether the data in the data buffer is consistent with the calculated unlock code verification code, and then reset the lock flag, and the status identifier is Set to the fifth preset value, the display prompts the user to reset the power-on password information, clear the data in the data buffer, step S15; otherwise clear the data in the data buffer, return to step S3;
  • Step S12 determining whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to a third preset value, and displaying that the prompt has entered the information interface.
  • Information clear the data in the data buffer, step S15; otherwise set the lock flag, clear the data in the data buffer, return to step S3;
  • the number of available password retries may be set in the dynamic token;
  • the lock flag when the lock flag is not set, determining whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to be the first
  • the preset value is displayed, and the information indicating that the information interface has been entered is displayed, and the number of available password retries is set to an initial value, and the data in the data buffer is cleared, and step S15 is performed; otherwise, the data in the data buffer is cleared, and the calculation is performed.
  • the number of available password retries is reduced by 1, and the result is used as the number of currently available password retries to determine whether the current available password retries is 0. If yes, the lock flag is set, and the process returns to step S3, otherwise the process returns directly to the execution step. S3.
  • Step S13 Calculate and generate a dynamic password, and display content corresponding to the dynamic password, and execute step S15.
  • Step S14 determining whether the data in the data buffer area is consistent with the preset, then replacing the power-on password stored in the current token with the data in the data buffer, and setting the status identifier to the third Preset value, display information indicating that the information has been entered, clear the data in the data buffer, step S15; otherwise clear the data in the data buffer, step S15;
  • Step S15 determining whether the button flag is set to be set within a predetermined time, if yes, performing step S1; otherwise, resetting the power-on flag, entering a sleep state, and when the ⁇ flag is detected again After being set, step S1 is performed.
  • the step S10 may further include: performing step S16 when the status identifier is a fourth preset value; performing step S17 when the status identifier is a sixth preset value; When the status identifier is the seventh preset value, step S18 is performed; where the step S16, the step S17, and the step S18 are specifically:
  • Step S16 determining whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to a fifth preset value, and displaying a prompt to reset the boot.
  • the information of the password clear the data in the data buffer, step S15; otherwise clear the data in the data buffer, step S15;
  • the method when it is determined that the time when the pressed ⁇ is continuously pressed exceeds the preset duration in step S8, the method includes: setting the status identifier to a fourth preset value, The prompting to input the information of the current power-on password is performed, and step S15 is performed.
  • Step S17 determining whether the data in the data buffer is consistent with the new power-on password, and replacing the power-on password stored in the current dynamic token with the new power-on password, and setting the status identifier to
  • the third preset value displays information indicating that the information has been entered, clears the data in the data buffer, and performs step S15; otherwise, sets the status identifier to a fifth preset value, and displays a prompt to reset the power-on password.
  • Information clear the data in the data buffer, step S15;
  • step S14 when it is determined in step S14 that the data in the data buffer meets the preset condition, the data in the data buffer is stored as a new power-on password, and the status identifier is set to a sixth.
  • the preset value displays a message prompting to confirm the reset power-on password, clears the data in the data buffer, and executes step S15.
  • Step S18 The state identifier is set to a third preset value, and step S15 is performed.
  • the method further includes: setting the status identifier to a seventh preset value, and determining whether the ⁇ identifier is detected before the dynamic password is invalidated. If yes, the process returns to step S1. Otherwise, when the dynamic password is invalid, the status flag is set to a third preset value, and step S15 is performed.
  • the dynamic token In order to effectively prevent the dynamic token from being stolen, the dynamic token is lost, the seed file is lost, and the group is raised, the power button and the delete button share a button and the number buttons 1 to 9 as the first number.
  • the key group and the numeric key 0 are used as the second numeric key group as an example to provide a specific implementation method of the dynamic token.
  • the dynamic token is normally in a sleep state, and is awakened when a button is pressed. And set the button flag, when the power button is continuously pressed for more than the preset duration, or re-enter the sleep state when there is no button input within the predetermined time, and at the same time restore the status flag to the default value, save the current available password retries and The current state of the lock flag.
  • the dynamic token performs the following operations:
  • Step 101 Clear the button flag, scan the keyboard, determine the type of the pressed button, if it is the power button, go to step 102, if it is any of the number keys 1-9, then execute Step 118, if it is a numeric key 0, step 127 is performed, if it is an OK key, step 139 is performed;
  • Step 102 Determine whether the device is initialized, if yes, go to step 106, otherwise execute the next step in sequence;
  • the process of device initialization is a process of writing user information into a dynamic token.
  • Step 103 LCD screen self-test
  • Step 104 Determine whether the button flag is set to be set within the predetermined time, if yes, return to step 101, otherwise execute the next step in sequence;
  • Step 105 a sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 106 Check whether the boot flag is set, if yes, the next step is performed, otherwise step 110 is performed;
  • Step 107 determining whether the time when the power button is pressed exceeds the preset duration, if yes, the next step is performed, otherwise step 109 is performed;
  • the preset duration is 2 seconds.
  • Step 108 reset the open state, sleep state, and when it is detected that the ⁇ flag is set, step 101 is performed;
  • Step 109 Delete a unit data at the end of the data buffer area, display the corresponding number, and perform step 116. If there is no data in the data buffer area, skip this step and go straight to step 116;
  • a unit data is used to represent a number
  • the one byte data is encoded or uncoded
  • the display corresponding number is specifically all units in the display data buffer area.
  • Step 110 It is determined whether the time when the power button is pressed exceeds the preset duration, if yes, the next step is performed, otherwise step 112 is performed;
  • Step 111 a sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 112 Set the boot flag;
  • Step 113 Check whether the lock flag is set, if yes, the next step is performed, otherwise step 115 is performed;
  • Step 114 Set the status identifier to the first preset value, display the input unlock code interface, and perform step 116;
  • Step 115 Set the status identifier to a second preset value, and display an input power-on password interface;
  • Step 116 Determine whether the button flag is set to be set within the predetermined time, and then return to step 101, otherwise execute the next step in sequence;
  • Step 117 reset the power-on flag, sleep state, and when the re-detection flag is set, perform step 101;
  • Step 118 Determine whether the device is initialized, if yes, go to step 122, otherwise execute the next step in sequence;
  • Step 119 Display the corresponding number
  • Step 120 Determine whether the button flag is set to be set within the predetermined time, and then return to step 101, otherwise execute the next step in sequence;
  • Step 121 a sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 122 Check whether the boot flag is set, if yes, go to step 124, otherwise execute the next step in sequence;
  • Step 123 The sleep state, and when the re-detected ⁇ flag is set, step 101 is performed;
  • Step 124 Save the corresponding data to the data buffer area, and display the corresponding number
  • the status identifier when the status identifier is a second preset value or a fourth preset value or a fifth preset value or a sixth preset value, determining unit data in the data buffer area Whether the number of the number has exceeded six, is to save the first or last 6 unit data, otherwise save all unit data; when the status identifier is the first preset value, determine the unit data in the data buffer area Whether the number is more than 8, is to save the first or last 8 Unit data, otherwise save all unit data;
  • the display corresponding number is specifically a number corresponding to all unit data in the display data buffer area
  • the plain text when the corresponding number is displayed, the plain text may be displayed or replaced by a symbol such as "-" or "*", or the plaintext is displayed after a period of time, and the plaintext is replaced with a symbol such as "-" or "*".
  • the display mode is selected according to the status identifier.
  • Step 125 Determine whether the button flag is set to be set within the predetermined time, if yes, return to step 101, otherwise execute the next step sequentially;
  • Step 126 reset the open state, ii sleep state, and when the re-detected flag is set, perform step 101;
  • Step 127 Determine whether the device is initialized, if yes, go to step 131, otherwise execute the next step in sequence;
  • Step 128 Display the number 0;
  • Step 129 determining whether the button flag is set to be set within the predetermined time, if yes, returning to step 101, otherwise executing the next step sequentially;
  • Step 130 a sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 131 Check whether the boot flag is set, if yes, go to step 133, otherwise execute the next step in sequence;
  • Step 132 a sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 133 Check the status identifier, and if the status identifier is the third preset value, perform step 135, otherwise execute the next step in sequence;
  • Step 134 save the corresponding data to the data buffer, and display the corresponding number, perform step 137;
  • Step 135 determining whether the time when the numeric key 0 is pressed exceeds the preset duration, if yes, the next step is performed, otherwise step 137 is performed;
  • Step 136 Set the status identifier to the fourth preset value, display the modified power-on password interface, and perform step 137;
  • Step 137 determining whether the button flag is set to be set within the predetermined time, if yes, returning to step 101, otherwise executing the next step sequentially;
  • Step 138 reset the open state, sleep state, and when it is detected that the ⁇ flag is set, step 101 is performed;
  • Step 139 Determine whether the device is initialized, if yes, go to step 143, otherwise execute the next step in sequence;
  • Step 140 Display preset information
  • the preset information is “successful”.
  • Step 141 Determine whether the button flag is set to be set within the predetermined time, if yes, go to step 101, otherwise execute the next step in sequence;
  • Step 142 The sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 143 Check whether the boot flag is set, if yes, go to step 145, otherwise execute the next step in sequence;
  • Step 144 The sleep state, and when the re-detection of the ⁇ flag is set, step 101 is performed;
  • Step 145 Check the status identifier, if the status identifier is the third preset value, perform step 146. If the status identifier is the second preset value, perform step 149, if the status identifier is If the status identifier is the fourth preset value, step 157 is performed, and if the status identifier is the fifth preset value, step 160 is performed, if the status identifier is For the sixth preset value, step 163 is performed, if the status identifier is the seventh preset value, step 166 is performed;
  • Step 146 Calculate and generate a dynamic password, set the status identifier to a seventh preset value, and display content corresponding to the dynamic password.
  • the dynamic token calculation generates a 6-bit dynamic password, and the calculation generates a dynamic password, which may be based on a time factor (or an event factor) and pre-stored in the dynamic token.
  • the static factor in the dynamic password is generated, or the dynamic password is generated according to the time factor (or event factor), the data in the data buffer, and the static factor pre-stored in the dynamic token, which is not limited herein;
  • the displaying corresponding data is specifically displaying the first 4 digits of the dynamic password, and the last 2 digits are replaced by the symbol "-";
  • a time bar may also be displayed for indicating the remaining effective time of the current dynamic password.
  • Step 147 Determine whether the button flag is set when the dynamic password is valid, and then return to step 101, otherwise execute the next step when the dynamic password fails.
  • Step 148 The status identifier is set to a third preset value, the information interface is displayed, and step 167 is performed;
  • Step 149 Calculate the generated unlock code verification code, and determine whether the data in the data buffer is consistent with the unlock code verification code, and then execute the next step sequentially, otherwise step 155 is performed;
  • the dynamic token is calculated and generated according to a static factor and a time factor (or an event factor), or according to a static factor, a time factor (or an event factor), and data in a data buffer.
  • An 8-bit unlock code verification code, the three unlock code ⁇ iE codes respectively correspond to a previous time factor of the current time factor, a current time factor, a subsequent time factor of the current time factor or a current event factor, and a subsequent adjacent event Factor, event factor of the next interval;
  • Step 150 Clear the data in the data buffer, reset the lock flag, set the status flag to the fifth preset value, display the set new power-on password interface, and perform step 167;
  • Step 151 Determine whether data in the data buffer is stored in the dynamic token. The stored power-on passwords are the same, if yes, go to step 156, otherwise execute the next step in sequence;
  • Step 152 Clear the data in the data buffer area, calculate the current password retry count minus 1, and the result is the number of available password retry times;
  • the initial value of the current password retry count is 6, otherwise the current password retry count is calculated when the step is executed last time. The number of available password retries.
  • Step 153 Determine whether the number of available password retries is 0, if yes, set the lock flag, step 154 is performed in sequence, otherwise step 154 is directly executed;
  • Step 154 prompting the power-on password error and the number of available password retries, step 155 is performed in sequence;
  • Step 155 Clear the data in the data buffer, return to step 113;
  • Step 156 Clear the data in the data buffer, set the status identifier to the third preset value, display the information interface, and perform step 167;
  • Step 157 determining whether the data in the data buffer is consistent with the power-on password stored in the dynamic token, if yes, the next step is performed, otherwise step 159 is performed;
  • Step 158 Clear the data in the data buffer, set the status flag to the fifth preset value, display the setting of the new power-on password interface, and perform step 167;
  • Step 159 Clear the data in the data buffer, prompting the power-on password error, and executing step 167;
  • Step 160 determining whether the data in the data buffer area meets the preset, then executing the next step in sequence, otherwise performing step 162;
  • the data in the data buffer meets the preset frfr, and the data in the data buffer corresponds to 6 digits 0-9.
  • Step 161 Clear the data in the data buffer, store the data input by the user as P1, set the status identifier to the sixth preset value, display the confirmation of the new power-on password interface, and execute step 167;
  • Step 162 Clear the data in the data buffer, prompting to modify the power-on password failed, step 167;
  • Step 163 Determine whether the data in the data buffer area is the same as the PI, if yes, go to step 165, otherwise execute the next step in sequence;
  • Step 164 Clear the data in the data buffer area, prompting to modify the power-on password fails, setting the status identifier to the fifth preset value, displaying the setting a new power-on password interface, and performing the steps
  • Step 165 Clear the data in the data buffer area, replace the power-on password stored in the dynamic token with the P1, set the status identifier to the third preset value, display the information interface, and perform step 167;
  • Step 166 Set the status identifier to a third preset value, and display an information interface.
  • Step 167 Determine whether the ⁇ flag is set to be set within a predetermined time, and then return to step 101, otherwise execute the next step in sequence;
  • Step 168 reset the open state, ii sleep state, and execute step 101 after the re-detected flag is set.
  • the embodiment of the present invention provides another dynamic token working method, where the dynamic token is used. Normally in the sleep state, wake up when a button is pressed, set the button flag, re-enter the sleep state when the power button is continuously pressed for more than the preset duration, or when there is no button input within the predetermined time. Restores the status ID to the default value, saves the current number of available password retries, and the current status of the lock flag.
  • the dynamic token when detecting that the button flag is set, and the dynamic token is not initialized, the dynamic token detects whether the liquid crystal screen and the keyboard are available according to the type of the pressed button;
  • the dynamic token When it is detected that the button flag is set and the dynamic token has been initialized, the dynamic token performs the following operations:
  • Step 201 Clear the button flag, scan the button, determine the type of the pressed button, if it is the power button, go to step 202, if it is the delete button, go to step 203, if it is the number button, go to step 204, if Steps 206 are performed for confirming the key; [0184]
  • the button debounce processing is further included.
  • step S1 when it is detected that the button is pressed, it is determined whether the time when the button is pressed exceeds the preset time, then step S1 is performed, otherwise the ⁇ flag is cleared, the sleep state is continued, and the waiting button flag is set, wherein the detection is performed.
  • step S1 is performed, otherwise the ⁇ flag is cleared, the sleep state is continued, and the waiting button flag is set, wherein the detection is performed.
  • the preset time is 20 ⁇ seconds.
  • the key circuit debounce processing can also be implemented by using a hardware circuit, which can be specifically implemented according to the characteristics of the RS trigger.
  • Step 202 Check the boot flag
  • the power-on flag When the power-on flag is set, the power-on flag is reset, enters a sleep state, and when it is detected that the ⁇ flag is set, step 201 is performed;
  • step 203 is performed;
  • Step 203 Check whether the lock flag is set. If yes, the information indicating that the dynamic token is locked is displayed, and the status identifier is set to the first preset value, and the information indicating that the unlock code is prompted to be displayed is performed, and step 212 is performed; otherwise, Setting the status identifier to a second preset value, displaying information prompting to input a power-on password, performing step 212;
  • Step 204 Check the boot flag, when the boot flag is set, check the status identifier, delete a unit data at the end of the corresponding buffer area, display the corresponding number, and perform step 212, if the corresponding buffer area If there is no data, step 212 is performed directly; when the power-on flag is not set, the sleep state, when it is detected that the button flag is set, step 201 is performed;
  • the checking the status identifier, deleting a unit data at the end of the corresponding buffer area includes:
  • a unit data is used to represent a number, and the unit data is encoded or uncoded;
  • the displaying the corresponding number specifically includes: displaying a number corresponding to all the unit data in the data buffer, and displaying the corresponding number as the data plaintext or the symbol "-" or displaying the fixed time data in plain text and then using the symbol "-
  • the display mode is selected according to the current value of the status identifiers.
  • Step 205 Check the boot flag, when the boot flag is set, check the status identifier, save the corresponding data according to the key value of the button to the corresponding buffer area, and perform step 212; when the boot flag is not When set, in the sleep state, when it is re-detected that the button flag is set, step 201 is performed;
  • the checking status identifier saving the corresponding data according to the key value of the button to the corresponding buffer area includes: checking the status identifier, and if the first preset value is, saving the corresponding data to the unlock code buffer area; The second or fourth preset value saves the corresponding data to the power-on password buffer area; if it is the fifth preset value, the corresponding data is saved to the new power-on password buffer area; if it is the sixth preset value, the corresponding data is saved to confirm the new boot. Password buffer; if it is other, it will not be processed;
  • the saving the corresponding data to the corresponding data buffer area specifically includes: determining, according to the status identifier, whether the number of unit data in the corresponding buffer area has exceeded a preset number, and saving the first or last pre- Set the number of unit data, otherwise save all unit data.
  • Step 206 Check the boot flag, when the boot flag is set, check the status identifier, and when the status identifier is the third preset value, determine the time when the button is continuously pressed. If the preset duration is exceeded, the status identifier is set to the fifth preset value, and the information indicating that the power-on password is reset is displayed, and step 212 is performed. Otherwise, step 212 is directly performed, and when the status identifier is not the third When the preset value is saved, the corresponding data is saved to the corresponding buffer area, and the corresponding number is displayed, and step 212 is performed; when the power-on flag is not set, the sleep state is entered, and when the button flag is re-detected, the step is performed.
  • saving the corresponding data to the corresponding buffer area includes: if the first preset value is, saving the corresponding data to the unlock code buffer area; The second or fourth preset value saves the corresponding data to the power-on password buffer area; if it is the fifth preset value, the corresponding data is saved to the new power-on password buffer area; if it is the sixth preset value, the corresponding data is saved to confirm the new boot. Password buffer; if it is other, it will not be processed.
  • Step 207 Check the boot flag, when the boot flag is set, check the status identifier, and when the status identifier is the first preset value, perform step 208, when the status identifier is Step 209 is performed when the second preset value is performed, and step 210 is performed when the status identifier is the third preset value; and step 211 is performed when the status identifier is the fifth preset value; Bit, in the sleep state, when it is re-detected that the button flag is set, step 201 is performed;
  • Step 208 Calculate and generate an unlock code verification code, and determine whether the data in the unlock code buffer area is consistent with the calculated unlock code verification code, and then reset the lock flag, and set the status flag to The fifth preset value, displaying information prompting the user to reset the power-on password, clearing the data in the unlock code buffer area, performing step 212; otherwise clearing the data in the unlock code buffer area, returning to step 203;
  • the method for calculating the unlock code verification code is the same as the method for calculating the unlock code verification code in the second embodiment, and details are not described herein again.
  • Step 209 It is determined whether the data in the power-on password buffer area is consistent with the power-on password currently stored by the dynamic token, and the status identifier is set to a third preset value, and the prompt information has been entered. Interface information, clear the data in the power-on password buffer, step 212; otherwise set the lock flag, clear the data in the power-on password buffer, return to step 203;
  • the number of available password retries may be set in the dynamic token
  • Step 210 Calculate the generated dynamic password, display the content corresponding to the dynamic password, and perform step 212;
  • the method for calculating the dynamic password is the same as the method for calculating the dynamic password in the second embodiment, and details are not described herein again.
  • Step 211 determining whether the data in the new power-on password buffer area meets a preset condition, and replacing the power-on password stored in the current token with the data in the new power-on password buffer area, where the status is The identifier is set to the third preset value, the information indicating that the information interface has been entered is displayed, the data in the new power-on password buffer area is cleared, and step 212 is performed; otherwise, the data in the new power-on password buffer area is cleared, and step 212 is performed;
  • Step 212 Determine whether the button flag is detected to be set within a predetermined time, if yes, execute step 201, otherwise, reset the boot flag, enter a sleep state, and when the ⁇ flag is detected again After being set, step 201 is performed.
  • the step 207 may further include: performing step 213 when the status identifier is a fourth preset value; performing step 214 when the status identifier is a sixth preset value; When the status identifier is the seventh preset value, step 215 is performed; where the step 213, step 214, and step 215 are specifically:
  • Step 213 Determine whether the data in the power-on password buffer area is consistent with the power-on password currently stored by the dynamic token, and then set the status identifier to a fifth preset value, and display a prompt to reset the power-on password. For clearing the data in the power-on password buffer, go to step 212; otherwise, clear the data in the power-on password buffer, go to step 212;
  • the method when it is determined that the pressed time of the pressed ⁇ is more than the preset duration, the method includes: setting the status identifier to a fourth preset value, displaying the prompt input For the current power-on password, go to step 212.
  • Step 214 Determine whether the data in the power-on password buffer area is consistent with the new power-on password, and replace the power-on password stored in the current dynamic token with the new power-on password, and set the status identifier to The third preset value, indicating that the prompt has entered the information If the information in the interface is cleared, the data in the power-on password buffer area is cleared, and step 212 is performed; otherwise, the status identifier is set to the fifth preset value, and the information indicating that the power-on password is reset is displayed, and the confirmation in the power-on password buffer area is cleared. Data, performing step 212;
  • step 211 when it is determined in step 211 that the data in the new power-on password buffer area meets the preset condition, the data in the new power-on password buffer area is stored as a new power-on password, and the status identifier is set to sixth.
  • the preset value displays a message prompting to confirm the reset power-on password, and clears the data in the password buffer area, and step 212 is performed.
  • Step 215 Set the status identifier to a third preset value, and perform step 212.
  • the method further includes: setting the status identifier to a seventh preset value, and determining whether the button identifier is detected before the dynamic password is invalidated. If yes, the process returns to step 201. Otherwise, when the dynamic password is invalid, the status flag is set to a third preset value, and step 212 is performed.
  • the unlock code buffer area and the boot code buffer area use the same storage area.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed is a one-time password operating method, comprising: when a one-time password detects a valid key, judging the type of a pressed key, if the pressed key is a power-on key, detecting whether a current power-on logo is set, if yes, resetting same, otherwise, setting same and inspecting whether a locking logo is set, if yes, entering an unlocking code interface, otherwise entering an information interface; if the pressed key is a delete key, deleting data at the tail end of a data cache area; if the pressed key is a number key and the one-time password is not in the information interface, storing corresponding data in the data cache area; if the one-time password is in the information interface, judging whether the time for the key being pressed down goes beyond a preset time period, if yes, entering a power-on password modifying interface, otherwise storing corresponding data in the data cache area; if the pressed key is an Enter key and the one-time password is not in the information interface, judging whether the data in the data cache area are correct or meet requirements, if the one-time password is in the information interface, generating a dynamic password and displaying corresponding contents.

Description

一种动态令牌的工作方法  A working method of dynamic token
技术领域 Technical field
[0001] 本发明涉及信息安全领域, 特别涉及一种动态令牌的工作方 法。  [0001] The present invention relates to the field of information security, and in particular, to a method for working with a dynamic token.
背景技术 Background technique
[0002] 在现有技术中, 动态令牌 ( One-time Password, OTP )是一种 安全便捷的帐号防盗技术, 根据专门的算法生成一个不可预测的随 机数字组合, 每个口令只能使用一次, 用户进行认证时候, 除输入 账号和静态密码之外, 必须要求输入动态密码, 只有通过系统验证, 才可以正常登录或者交易, 从而有效保证用户身份的合法性和唯一 性。 动态令牌最大的优点在于, 用户每次使用的口令都不相同, 使 得不法分子无法仿冒合法用户的身份。 动态口令认证技术被认为是 目前能够最有效解决用户的身份认证方式之一, 可以有效防范黑客 木马盗窃用户账户口令、 假网站等多种网络问题, 导致用户的财产 或者资料丢失的损失。 目前被广泛运用在网银、 网游、 电信运营商、 电子政务、 企业等领域。  [0002] In the prior art, a One-time Password (OTP) is a safe and convenient account anti-theft technology, and generates an unpredictable random number combination according to a special algorithm, and each password can be used only once. When the user authenticates, in addition to entering the account number and static password, the user must be required to input a dynamic password. Only through system verification can the user log in or trade normally, thus effectively ensuring the legality and uniqueness of the user identity. The biggest advantage of dynamic tokens is that the passwords used by users are different each time, making it impossible for criminals to fake the identity of legitimate users. Dynamic password authentication technology is considered to be one of the most effective ways to solve user identity authentication. It can effectively prevent multiple network problems such as hacker Trojans stealing user account passwords and fake websites, resulting in loss of user property or data loss. Currently widely used in online banking, online games, telecom operators, e-government, enterprises and other fields.
[0003] 发明人在实现本发明的过程中, 发现由于目前的动态令牌显 示密码都是 6位或者 8位, 当盗窃者得到了种子或者多个密码后进 行反推有破解的风险, 且动态令牌容易丟失或被盗用。  [0003] In the process of implementing the present invention, the inventor finds that since the current dynamic token display password is 6 bits or 8 bits, when the thief obtains the seed or multiple passwords, the reverse push has the risk of cracking, and Dynamic tokens are easily lost or stolen.
发明内容 Summary of the invention
[0004] 鉴于现有技术的不足, 为了有效的防止动态令牌被盗用、 动 态令牌丢失、 种子文件丢失以及群举的可能, 本发明提出了一种动 态令牌的工作方法。  In view of the deficiencies of the prior art, in order to effectively prevent the theft of dynamic tokens, loss of dynamic tokens, loss of seed files, and grouping, the present invention proposes a working method of dynamic tokens.
[0005] 本发明采用的技术方案如下:  [0005] The technical solution adopted by the present invention is as follows:
[0006] 一种动态令牌的工作方法, 其特征在于, 当所述动态令牌检 测到其按键标志被置位后包括: [0006] A method for working on a dynamic token, characterized in that, when the dynamic token is checked After detecting that the button flag is set, it includes:
[0007] 步骤 A: 清除按键标志, 扫描按键, 判断被按下的按键的类 型, 若为电源键则执行步骤 B, 若为删除键则执行步骤 D, 若为第 一数字键组中的任意按键则执行步骤 E, 若为第二数字键组中的任 意按键则执行步骤 F, 若为确认键则执行步骤 G;  [0007] Step A: Clear the button mark, scan the button, determine the type of the pressed button, if it is the power button, execute step B, if it is the delete button, perform step D, if it is any of the first number key group Press the button to execute step E, if it is any button in the second number key group, execute step F, if it is the confirmation button, execute step G;
[0008] 步骤 B: 检查开机标志, 当所述开机标志被置位时, 将所述 开机标志复位, ¾A休眠状态; 当所述开机标志未被置位时, 将所 述开机标志置位, 执行步骤 C;  [0008] Step B: checking the boot flag, when the boot flag is set, resetting the boot flag, 3⁄4A sleep state; when the boot flag is not set, the boot flag is set, Perform step C;
[0009] 步骤 C: 检查锁定标志, 若所述锁定标志被置位则将状态标 识置为第一预设值, 执行步骤 L; 若所述锁定标志未被置位则将所 述状态标识置为第二预设值, 执行步骤 L;  [0009] Step C: checking the lock flag, if the lock flag is set, setting the status flag to the first preset value, performing step L; if the lock flag is not set, the status flag is set For the second preset value, performing step L;
[0010] 步骤 D: 检查所述开机标志, 当所述开机标志被置位时, 删 除数据緩存区末端的一个单元数据, 显示相应数字, 执行步骤 L; 当所述开机标志未被置位时, 休眠状态;  [0010] Step D: checking the boot flag, when the boot flag is set, deleting one unit data at the end of the data buffer, displaying the corresponding number, performing step L; when the boot flag is not set Sleep state
[0011] 步骤 E: 检查所述开机标志, 当所述开机标志被置位时, 保 存相应数据到所述数据緩存区, 并显示相应数字, 执行步骤 L; 当 所述开机标志未被置位时, 进入休眠状态;  [0011] Step E: checking the boot flag, when the boot flag is set, saving corresponding data to the data buffer, and displaying corresponding numbers, performing step L; when the boot flag is not set When entering the sleep state;
[0012] 步骤 F: 检查所述开机标志,  [0012] Step F: checking the boot flag,
[0013] 当所述开机标志被置位且所述状态标识为第三预设值时, 判 断所述被按下的按键被连续按下的时间是否超过预设时长, 是则将 所述状态标识置为第五预设值, 执行步骤 L, 否则直接执行步骤 L;  [0013] when the power-on flag is set and the state identifier is a third preset value, determining whether the pressed button is continuously pressed for more than a preset duration, and then the state is The flag is set to the fifth preset value, and step L is performed, otherwise step L is directly executed;
[0014] 当所述开机标志被置位且所述状态标识不为第三预设值时, "相应的数据到所述数据緩存区, 并显示相应数字, 执行步骤 L;  [0014] When the power-on flag is set and the state identifier is not the third preset value, "the corresponding data to the data buffer, and display the corresponding number, perform step L;
[0015] 当所述开机标志未被置位时, 休眠状态;  [0015] when the boot flag is not set, the sleep state;
[0016] 步骤 G: 检查所述开机标志,  [0016] Step G: checking the boot flag,
[0017] 当所述开机标志被置位时, 检查所述状态标识, 若所述状态 标识为第一预设值则执行步骤 H,若为第二预设值则执行步骤 I,若 为第三预设值则执行步骤 J, 若为第五预设值则执行步骤 K; [0018] 当所述开机标志未被置位时, 休眠状态; [0017] When the power-on flag is set, the status identifier is checked, if the status identifier is the first preset value, step H is performed, and if the second preset value is the second step, step I is performed. The third preset value is performed in step J, and if it is the fifth preset value, step K is performed; [0018] when the boot flag is not set, the sleep state;
[0019] 步骤 H: 计算生成解锁码验证码, 并判断所述数据緩存区中 的数据与计算生成的解锁码验证码是否一致, 是则将所述锁定标志 复位, 将所述状态标识置为第五预设值, 清除所述数据緩存区中的 数据, 执行步骤 L; 否则清除所述数据緩存区中的数据, 返回执行 步骤 C;  [0019] Step H: calculating an unlock code verification code, and determining whether the data in the data buffer is consistent with the calculated unlock code verification code, and resetting the lock flag, and setting the status identifier to The fifth preset value, clear the data in the data buffer, perform step L; otherwise clear the data in the data buffer, return to step C;
[0020] 步骤 I:判断所述数据緩存区中的数据与所述动态令牌内部当 前存储的开机密码是否一致,是则将所述状态标识置为第三预设值, 清除所述数据緩存区中的数据, 执行步骤 L; 否则清除所述数据緩 存区中的数据, 将所述锁定标志置位, 返回执行步骤 C;  [0020] Step I: determining whether the data in the data buffer is consistent with the power-on password currently stored in the dynamic token, and then setting the status identifier to a third preset value, and clearing the data cache. The data in the area, step L is performed; otherwise, the data in the data buffer is cleared, the lock flag is set, and the process returns to step C;
[0021] 步骤 J : 计算生成动态口令,显示与所述动态口令相对应的内 容, 执行步骤 L;  [0021] Step J: Calculate the generated dynamic password, display the content corresponding to the dynamic password, perform step L;
[0022] 步骤 K: 判断所述数据緩存区中的数据是否符合预设条件, 是则用所述数据緩存区中的数据替换所述动态令牌内部当前存储的 开机密码, 清除所述数据緩存区中的数据, 将所述状态标识置为第 三预设值, 执行步骤 L; 否则清除所述数据緩存区中的数据, 执行 步骤 L;  [0022] Step K: determining whether the data in the data buffer area meets a preset condition, and replacing the power-on password currently stored in the dynamic token with the data in the data buffer area, and clearing the data cache. The data in the area, the state identifier is set to a third preset value, step L is performed; otherwise, the data in the data buffer area is cleared, and step L is performed;
[0023] 步骤 L: 判断在预定时间内是否检测到所述按键标志被置位, 是则返回执行步骤 A; 否则将所述开机标志复位, 进入休眠状态。  [0023] Step L: determining whether the button flag is set to be set within a predetermined time, and then returning to step A; otherwise, resetting the power-on flag to enter a sleep state.
[0024] 或者,  [0024] Alternatively,
[0025] 一种动态令牌的工作方法, 其特征在于, 当所述动态令牌检 测到其按键标志被置位后包括:  [0025] A method for operating a dynamic token, comprising: after the dynamic token detects that a button flag is set, the method includes:
[0026] 步骤 a:清除按键标志、扫描按键,判断被按下的按键的类型, 若为电源键则执行步骤 b,若为删除键则执行步骤 d,若为第一数字 键组中的任意按键则执行步骤 e, 若为第二数字键组中的任意按键 则执行步骤 f, 若为确认键则执行步骤 g;  [0026] Step a: clear the button mark, the scan button, determine the type of the pressed button, if it is the power button, perform step b, if it is the delete button, perform step d, if it is any of the first number key group Press the button to execute step e, if it is any button in the second number key group, execute step f, if it is the confirmation button, execute step g;
[0027] 步骤 b: 检查开机标志, 当所述开机标志被置位时, 将所述开 机标志复位, 休眠状态; 当所述开机标志未被置位时, 将所述 开机标志置位, 执行步骤 c; [0028] 步骤 c: 检查锁定标志, 若所述锁定标志被置位则将状态标识 置为第一预设值,执行步骤 1; 若所述锁定标志未被置位则将所述状 态标识置为第二预设值, 执行步骤 1; [0027] Step b: checking the boot flag, when the boot flag is set, resetting the boot flag to a sleep state; when the boot flag is not set, setting the boot flag to execute Step c; [0028] Step c: checking the lock flag, if the lock flag is set, setting the status flag to the first preset value, performing step 1; if the lock flag is not set, the status flag is set For the second preset value, perform step 1;
[0029] 步骤 d: 检查所述开 志, 当所述开机标志被置位时,检查 状态标识, 删除相应緩存区末端的一个单元数据, 显示相应数字, 执行步骤 1; 当所述开才*志未被置位时, 休眠状态;  [0029] Step d: checking the opening, when the boot flag is set, checking the status identifier, deleting a unit data at the end of the corresponding buffer area, displaying the corresponding number, performing step 1; When the ambition is not set, the sleep state;
[0030] 步骤 e: 检查所述开机标志, 当所述开机标志被置位时, 检查 状态标识, 保存相应数据到相应緩存区, 并显示相应数字, 执行步 骤 1; 当所述开机标志未被置位时, 休眠状态;  [0030] Step e: checking the boot flag, when the boot flag is set, checking the status identifier, saving the corresponding data to the corresponding buffer area, and displaying the corresponding number, performing step 1; when the boot flag is not When set, the sleep state;
[0031] 步骤 f: 检查所述开机标志,  [0031] Step f: checking the boot flag,
[0032] 当所述开机标志被置位且所述状态标识为第三预设值时, 判 断所述被按下的按键被连续按下的时间是否超过预设时长, 是则将 所述状态标识置为第五预设值, 执行步骤 1, 否则直接执行步骤 1;  [0032] when the power-on flag is set and the state identifier is a third preset value, determining whether the pressed button is continuously pressed for more than a preset duration, and then the state is The flag is set to the fifth preset value, and step 1 is performed; otherwise, step 1 is directly performed;
[0033] 当所述开机标志被置位且所述状态标识不为第三预设值时, 检查状态标识, 保存相应数据到相应緩存区, 并显示相应数字, 执 行步骤 1;  [0033] When the power-on flag is set and the state identifier is not the third preset value, check the status identifier, save the corresponding data to the corresponding buffer area, and display the corresponding number, perform step 1;
[0034] 当所述开机标志未被置位时, 休眠状态;  [0034] when the boot flag is not set, the sleep state;
[0035] 步骤 g: 检查所述开机标志, [0035] Step g: checking the boot flag,
[0036] 当所述开机标志被置位时, 检查所述状态标识, 若所述状态 标识为第一预设值则执行步骤 h, 若为第二预设值则执行步骤 i, 若 为第三预设值则执行步骤 j, 若为第五预设值则执行步骤 k;  [0036] When the power-on flag is set, the status identifier is checked, if the status identifier is the first preset value, step h is performed, and if the second preset value is the second step, step i is performed. The third preset value performs step j, and if it is the fifth preset value, step k is performed;
[0037] 当所述开机标志未被置位时, 休眠状态;  [0037] when the boot flag is not set, the sleep state;
[0038] 步骤 h:计算生成解锁码驗证码,并判断解锁码数据緩存区中 的数据与计算生成的解锁码验证码是否一致, 是则将所述锁定标志 复位, 将所述状态标识置为第五预设值, 清除所述解锁码緩存区中 的数据, 执行步骤 1; 否则清除所述解锁码緩存区中的数据, 返回执 行步骤 c;  [0038] Step h: calculating an unlock code verification code, and determining whether the data in the unlock code data buffer is consistent with the calculated unlock code verification code, and then resetting the lock flag, and setting the status flag For the fifth preset value, clear the data in the unlock code buffer, perform step 1; otherwise, clear the data in the unlock code buffer, and return to step c;
[0039] 步骤 i: 判断开机密码緩存区中的数据与所述动态令牌内部当 前存储的开机密码是否一致,是则将所述状态标识置为第三预设值, 清除所述开机密码緩存区中的数据,执行步骤 1; 否则清除所述开机 密码緩存区中的数据, 将所述锁定标志置位, 返回执行步骤 c; [0039] Step i: determining data in the power-on password buffer area and the dynamic token inside Whether the previously stored power-on passwords are consistent, the state identifier is set to a third preset value, and the data in the power-on password buffer area is cleared, and step 1 is performed; otherwise, the data in the power-on password buffer area is cleared. Setting the lock flag, returning to step c;
[0040] 步骤 j : 计算生成动态口令, 显示与所述动态口令相对应的内 容, 执行步骤 1;  [0040] Step j: Calculate the generated dynamic password, display the content corresponding to the dynamic password, perform step 1;
[0041] 步骤 k: 判断新开机密码緩存区中的数据是否符合预设^ K 是则用所述新开机密码緩存区中的数据替换所述动态令牌内部当前 存储的开机密码, 清除所述新开机密码緩存区中的数据, 将所述状 态标识置为第三预设值,执行步骤 1; 否则清除所述新开机密码緩存 区中的数据, 执行步骤 1;  [0041] Step k: determining whether the data in the new power-on password buffer area meets the preset value, and then replacing the power-on password currently stored in the dynamic token with the data in the new power-on password buffer area, and clearing the The data in the new power-on password buffer area is set to the third preset value, and step 1 is performed; otherwise, the data in the new power-on password buffer area is cleared, and step 1 is performed;
[0042] 步骤 1: 判断在预定时间内是否检测到所述按键标志被置位, 是则返回执行步骤 A; 否则将所述开机标志复位, 进入休眠状态。  [0042] Step 1: It is determined whether the button flag is detected to be set within a predetermined time, and then returns to step A; otherwise, the power-on flag is reset to enter a sleep state.
[0043] 本发明的有益效果在于: 可有效的防止动态令牌被盗用、 防 范动态令牌丟失或种子丢失后对用户造成损失, 以及降低群举成功 的概率。  [0043] The invention has the beneficial effects that: the dynamic token can be effectively prevented from being stolen, the loss of the dynamic token is prevented or the user is lost after the seed is lost, and the probability of success of the group is reduced.
附图说明 DRAWINGS
[0044] 为了更清楚的说明本发明实施例或现有技术中的技术方案, 下面将对实施例或现有技术描述中所需要使用的附图作简单的介 绍, 显而易见地, 下面描述中的附图仅仅是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性劳动的前提下, 还 可以根据这些附图获得其他的附图。  [0044] In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following description of the drawings used in the embodiments or the prior art description will be briefly introduced, and obviously, in the following description The drawings are only some of the embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings without any creative work.
[0045] 图 1 为本发明实施例二提供的一种动态令牌的工作方法的流 程图;  1 is a flow chart of a method for working on a dynamic token according to Embodiment 2 of the present invention;
[0046] 图 2为图 1中步骤 102至步骤 117的流程图;  2 is a flow chart of steps 102 to 117 of FIG. 1;
[0047] 图 3为图 1中步骤 118至步骤 126的流程图; 3 is a flow chart of steps 118 to 126 of FIG. 1;
[0048] 图 4为图 1中步骤 127至步骤 138的流程图; 4 is a flow chart of steps 127 to 138 of FIG. 1;
[0049] 图 5为图 1中步骤 139至步骤 171的流程图。 具体实施方式 5 is a flow chart of steps 139 to 171 of FIG. 1. detailed description
[0050] 下面将结合本发明实施例中的附图, 对本发明实施例中的技 术方案进行清楚、 完整地描述, 显然, 所描述的实施例仅仅是本发 明一部分实施例, 而不是全部的实施例。 于本发明中的实施例, 他实施例, 都属于本发明保护的范围。  The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. example. The embodiments of the present invention, the other embodiments thereof, are all within the scope of protection of the present invention.
[0051] 实施例一  Embodiment 1
[0052] 为了有效地防止动态令牌被盗用、 动态令牌丢失、 种子文件 丟失以及群举的可能, 本发明实施例提供了一种动态令牌的工作方 法, 其中, 所述动态令牌通常情况下处于休眠状态, 当有按键被按 下时被唤醒, 将按键标志置位, 当电源键被连续按下超过预设时长, 或在预定时间内没有按键输入时重新进入休眠状态, 同时将状态标 识恢复为默认值、 保存当前可用密码重试次数以及锁定标志的当前 状态。  [0052] In order to effectively prevent the theft of the dynamic token, the loss of the dynamic token, the loss of the seed file, and the possibility of the group, the embodiment of the present invention provides a working method of the dynamic token, where the dynamic token is usually In the sleep state, when a button is pressed, it is woken up, the button flag is set, when the power button is continuously pressed for more than the preset duration, or when there is no button input within a predetermined time, the sleep state is re-entered, and at the same time The status ID is restored to the default value, the current available password retries is saved, and the current status of the lock flag is saved.
[0053] 当检测到所述按键标志被置位, 且动态令牌未完成初始化时, 所述动态令牌根据被按下的按键的类型检测液晶屏和键盘是否可 用;  [0053] when detecting that the button flag is set, and the dynamic token is not initialized, the dynamic token detects whether the liquid crystal screen and the keyboard are available according to the type of the pressed button;
[0054] 当检测到所述按键标志被置位, 且动态令牌已经完成初始化 时, 动态令牌执行以下操作:  [0054] When it is detected that the button flag is set and the dynamic token has been initialized, the dynamic token performs the following operations:
[0055] 步骤 S1: 清除按键标志, 扫描按键, 判断被按下的按键的类 型, 若为电源键则执行步骤 S2, 若为删除键则执行步骤 S4, 若为第 一数字键组中的任意按键则执行步骤 S5, 若为第二数字键组中的任 意按键则执行步骤 S6, 若为确认键则执行步骤 S9;  [0055] Step S1: Clear the button flag, scan the button, and determine the type of the pressed button. If the power button is used, step S2 is performed. If the button is deleted, step S4 is performed, if any is in the first number key group. Press the key to execute step S5, if it is any of the second number key group, step S6 is performed; if it is the confirmation key, step S9 is performed;
[0056] 具体地, 按键可以是按钮、 触摸键、 微型开关、 光电开关、 感应式开关等不同形式;  [0056] Specifically, the button may be a button, a touch button, a micro switch, a photoelectric switch, an inductive switch, or the like;
[0057] 其中, 所述电源键、 所述删除键以及所述确认键可以是独立 按键, 也可以任意两者共用同一按键, 还可以是第一数字键组中的 任意按键: [0058] 相应地, 当电源键为第一数字键组中的任意 绽时, 在本步 骤中, 当判断出被按下的 为第一数字键组中的任意^ 时, 判 断是否为第一预设按键, 是则判断按键被按下的时间是否超过预设 时长, 且当超过预设时长时执行步骤 S2, 当未超过预设时长时执行 步骤 S5; 否则执行步骤 S5; [0057] The power button, the delete button, and the confirmation button may be independent buttons, or may share the same button, or may be any button in the first number button group: [0058] Correspondingly, when the power key is any of the first digital key groups, in this step, when it is determined that any of the first digital key groups is pressed, it is determined whether it is the first Preset button, is to determine whether the time when the button is pressed exceeds the preset duration, and when the preset duration is exceeded, step S2 is performed, when the preset duration is not exceeded, step S5 is performed; otherwise, step S5 is performed;
[0059] 当删除键为第一数字键组中的任意键时, 在本步骤中, 当判 断出被按下的^ 为第一数字键组中的任意換睃时判断是否为第二 预设按键, 是则判断按键被按下的时间是否超过预设时长, 且当超 过预设时长时执行步骤 S4, 当未超过预设时长时执行步骤 S5; 否则 执行步骤 S5;  [0059] When the delete key is any key in the first numeric key group, in this step, when it is determined that the pressed ^ is any change in the first numeric key group, it is determined whether it is the second preset. Pressing the button, determining whether the time when the button is pressed exceeds the preset duration, and executing step S4 when the preset duration is exceeded, and performing step S5 when the preset duration is not exceeded; otherwise, performing step S5;
[0060] 当确认键为第一数字键组中的任意键时, 在本步骤中, 当判 断出被按下的 为第一数字键组中的任意 时判断是否为第三 预设按键, 是则判断按键被按下的时间是否超过预设时长, 且当超 过预设时长时执行步骤 S9, 当未超过预设时长时执行步骤 S5; 否则 执行步骤 S5;  [0060] When the confirmation key is any of the first numeric key groups, in this step, when it is determined that any of the first numeric key groups is pressed, it is determined whether it is the third preset key, Then, it is determined whether the time when the button is pressed exceeds the preset duration, and when the preset duration is exceeded, step S9 is performed, when the preset duration is not exceeded, step S5 is performed; otherwise, step S5 is performed;
[0061] 当电源键和删除键共用一个^ ^时, 在本步骤中, 当判断出 长, 是则执行步骤 S2, 否则执行步骤 S4; ' 、 ' [0061] When the power key and the delete key share a ^^, in this step, when it is judged that the length is long, step S2 is performed, otherwise step S4 is performed; ', '
[0062] 当确认键和电源键共用一个^ ^时, 在本步骤中, 当判断出 被按下的按键为确认键时判断按键被按下的时间是否超过预设时 长, 是则执行步骤 S2, 否则执行步骤 S9; [0062] When the confirmation key and the power key share a ^^, in this step, when it is determined that the pressed key is the confirmation key, it is determined whether the time when the key is pressed exceeds the preset duration, if yes, step S2 is performed. Otherwise, step S9 is performed;
[0063] 当确认键和删除键共用一个^ ^时, 在本步骤中, 当判断出 长, 是则执行步骤 S4, 否则执行步骤 S9。 ' 、 ' [0063] When the confirmation key and the delete key share a ^^, in this step, when it is judged that the length is long, step S4 is performed, otherwise step S9 is performed. ' , '
[0064] 优选地, 在本实施例中, 为防止静电等干扰和按键本身的抖 动引起的^^标志被置位, 当令牌检测到^^标志被置位后还包括 ^^消抖处理, 具体为: 当检测到 标志被置位后判断^ M被按 下的时间是否超过预设时间,是则执行步骤 Sl,否则清除按键标志, 休眠状态, 继续等待按键标志被置位, 其中检测按键被按下的 时间的办法可为多种, 在此不做限定; [0065] 优选地, 在本实施例中, 所述预设时间为 20亳秒;[0064] Preferably, in the embodiment, in order to prevent interference such as static electricity and the jitter of the button itself, the ^^ flag is set, and when the token detects that the ^^ flag is set, the ^^ debounce processing is further included. Specifically, when it is detected that the time when the M is pressed exceeds the preset time after detecting the flag is set, step S1 is performed, otherwise the button flag is cleared, the sleep state is continued, and the waiting button flag is set, wherein the detection is performed. There are a plurality of ways in which the button is pressed, which is not limited herein; [0065] Preferably, in this embodiment, the preset time is 20 亳 seconds;
[0066] 还可以采用硬件电路实现按键消抖处理,具体可根据 RS触发 器的特性实现。 [0066] The key circuit debounce processing can also be implemented by using a hardware circuit, which can be specifically implemented according to the characteristics of the RS trigger.
[0067] 步骤 S2: 检查开机标志, 当所述开机标志被置位时, 将所述 开机标志复位, 休眠状态, 当重新检测到所述^ ^标志被置位 后执行步骤 S1; 当所述开机标志未被置位时,将所述开才 *志置位, 顺序执行下一步;  [0067] Step S2: checking the boot flag, when the boot flag is set, resetting the boot flag, the sleep state, and performing step S1 after re-detecting that the ^^ flag is set; When the boot flag is not set, the open flag is set, and the next step is performed in sequence;
[0068] 步骤 S3: 检查锁定标志, 当所述锁定标志被置位时, 显示提 示动态令牌已锁定的信息, 将状态标识置为第一预设值, 显示提示 输入解锁码的信息, 执行步骤 S15; 当所述锁定标志未被置位时, 将所述状态标识置为第二预设值, 显示提示输入开机密码的信息, 执行步骤 S15;  [0068] Step S3: checking the lock flag, when the lock flag is set, displaying information indicating that the dynamic token is locked, setting the status identifier to the first preset value, displaying information prompting to input the unlock code, and executing Step S15; when the lock flag is not set, the state identifier is set to a second preset value, displaying information prompting to input a power-on password, step S15;
[0069] 步骤 S4: 检查所述开机标志, 当所述开机标志被置位时, 删 除数据緩存区末端的一个单元数据, 显示相应数字, 执行步骤 S15, 若所述数据緩存区中没有数据, 则直接执行步骤 S15; 当所述开机 标志未被置位时, 进入休眠状态, 当重新检测到所述按键标志被置 位后执行步骤 S1;  [0069] Step S4: checking the boot flag, when the boot flag is set, deleting one unit data at the end of the data buffer area, displaying the corresponding number, performing step S15, if there is no data in the data buffer area, Then directly executing step S15; when the power-on flag is not set, enter a sleep state, when it is re-detected that the button flag is set, step S1 is performed;
[0070] 其中, 在所述数据緩存区中用一个单元数据表示一个数字, 所述一个单元数据为经过编码的或未经编码的;  [0070] wherein, in the data buffer, a unit data is used to represent a number, and the unit data is encoded or uncoded;
[0071] 所述显示相应数字具体包括: 显示所述数据緩存区中全部单 元数据所对应的数字, 显示的相应数字为数据明文或符号 "-" 或先 显示固定时间数据明文后用符号 "-" 代替所述数据明文, 当所述 状态标识的不同预设值对应不同的显示方式时, 具体根据所述状态 标识的当前值选择显示方式。  [0071] The displaying the corresponding number specifically includes: displaying a number corresponding to all the unit data in the data buffer, and displaying the corresponding number as the data plaintext or the symbol "-" or displaying the fixed time data in plain text and then using the symbol "- When the different preset values of the status identifiers correspond to different display modes, the display mode is selected according to the current value of the status identifiers.
[0072] 步骤 S5: 检查所述开机标志, 当所述开机标志被置位时, 保 存相应数据到数据緩存区, 并显示相应数字, 执行步骤 S15; 当所 述开机标志未被置位时, 休眠状态, 当重新检测到所述 标 志被置位后执行步骤 S1 ;  [0072] Step S5: checking the boot flag, when the boot flag is set, saving corresponding data to the data buffer area, and displaying corresponding numbers, performing step S15; when the boot flag is not set, a sleep state, when it is re-detected that the flag is set, step S1 is performed;
[0073] 其中, [0074] 所述保存相应数据到数据緩存区具体包括: 根据所述状态标 识判断所述数据緩存区中单元数据的个数是否已超过预设个数, 是 则保存最先或最后的预设个数的单元数据,否则保存全部单元数据。 [0073] wherein [0074] The saving the corresponding data to the data buffer area specifically includes: determining, according to the status identifier, whether the number of unit data in the data buffer area has exceeded a preset number, and saving the first or last preset Unit data of the number, otherwise save all unit data.
[0075] 步骤 S6: 检查所述开机标志, 当所述开机标志被置位时, 顺 序执行下一步, 当所述开机标志未被置位时, 进入休眠状态, 当重 新检测到所述按键标志被置位后执行步骤 S1;  [0075] Step S6: checking the boot flag, when the boot flag is set, sequentially performing the next step, when the boot flag is not set, entering a sleep state, when the button flag is detected again After being set, step S1 is performed;
[0076] 步骤 S7: 检查所述状态标识, 当所述状态标识为第三预设值 时, 顺序执行下一步, 否则保存相应数据到数据緩存区, 并显示相 应数字, 执行步骤 S15;  [0076] Step S7: Check the status identifier, when the status identifier is the third preset value, the next step is performed sequentially, otherwise the corresponding data is saved to the data buffer area, and the corresponding number is displayed, and step S15 is performed;
[0077] 步骤 S8:判断所述按键被连续按下的时间是否超过预设时长, 是则将所述状态标识置为第五预设值, 显示提示重新设定开机密码 的信息, 执行步骤 S15; 否则直接执行步骤 S15;  [0077] Step S8: determining whether the time when the button is continuously pressed exceeds a preset duration, if yes, setting the status identifier to a fifth preset value, displaying a message prompting to reset the power-on password, and executing step S15 Otherwise, step S15 is directly executed;
[0078] 步骤 S9: 检查所述开机标志, 当所述开机标志被置位时, 顺 序执行下一步, 当所述开机标志未被置位时, 进入休眠状态, 当重 新检测到所述按键标志被置位后执行步骤 S1;  [0078] Step S9: checking the boot flag, when the boot flag is set, sequentially performing the next step, when the boot flag is not set, entering a sleep state, when the button flag is detected again After being set, step S1 is performed;
[0079] 步骤 S10:检查所述状态标识, 当所述状态标识为第一预设值 时执行步骤 S11 , 当所述状态标识为第二预设值时执行步骤 S12, 当 所述状态标识为第三预设值时执行步骤 S13, 当所述状态标识为第 五预设值时执行步骤 S14;  [0079] Step S10: Check the status identifier, when the status identifier is the first preset value, perform step S11, and when the status identifier is the second preset value, perform step S12, when the status identifier is Step S13 is performed when the third preset value is performed, and step S14 is performed when the status identifier is the fifth preset value;
[0080] 步骤 S 11: 计算生成解锁码驗证码, 并判断所述数据緩存区中 的数据与计算生成的解锁码验证码是否一致, 是则将所述锁定标志 复位, 将所述状态标识置为第五预设值, 显示提示用户重新设定开 机密码的信息, 清除数据緩存区中的数据, 执行步骤 S15; 否则清 除所述数据緩存区中的数据, 返回执行步骤 S3;  [0080] Step S11: Calculate and generate an unlock code verification code, and determine whether the data in the data buffer is consistent with the calculated unlock code verification code, and then reset the lock flag, and the status identifier is Set to the fifth preset value, the display prompts the user to reset the power-on password information, clear the data in the data buffer, step S15; otherwise clear the data in the data buffer, return to step S3;
[0081] 步骤 S12:判断所述数据緩存区中的数据与所述动态令牌当前 存储的开机密码是否一致, 是则将所述状态标识置为第三预设值, 显示提示已进入信息界面的信息, 清除数据緩存区中的数据, 执行 步骤 S15; 否则将所述锁定标志置位, 清除数据緩存区中的数据, 返回执行步骤 S3; [0082] 优选地, 所述动态令牌中可设置有可用密码重试次数; [0081] Step S12: determining whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to a third preset value, and displaying that the prompt has entered the information interface. Information, clear the data in the data buffer, step S15; otherwise set the lock flag, clear the data in the data buffer, return to step S3; [0082] Preferably, the number of available password retries may be set in the dynamic token;
[0083] 相应地: 当所述锁定标志未被置位时, 判断所述数据緩存区 中的数据与所述动态令牌当前存储的开机密码是否一致, 是则将所 述状态标识置为第三预设值, 显示提示已进入信息界面的信息, 并 将所述可用密码重试次数置为初始值, 清除数据緩存区中的数据, 执行步骤 S15; 否则清除数据緩存区中的数据, 计算所述可用密码 重试次数减 1, 结果作为当前可用密码重试次数, 判断当前可用密 码重试次数是否为 0,是则将所述锁定标志置位,返回执行步骤 S3, 否则直接返回执行步骤 S3。  Correspondingly: when the lock flag is not set, determining whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to be the first The preset value is displayed, and the information indicating that the information interface has been entered is displayed, and the number of available password retries is set to an initial value, and the data in the data buffer is cleared, and step S15 is performed; otherwise, the data in the data buffer is cleared, and the calculation is performed. The number of available password retries is reduced by 1, and the result is used as the number of currently available password retries to determine whether the current available password retries is 0. If yes, the lock flag is set, and the process returns to step S3, otherwise the process returns directly to the execution step. S3.
[0084] 步骤 S13:计算生成动态口令,显示与所述动态口令相对应的 内容, 执行步骤 S15。  [0084] Step S13: Calculate and generate a dynamic password, and display content corresponding to the dynamic password, and execute step S15.
[0085] 步骤 S14:判断数据緩存区中的数据是否符合预设 是则 用所述数据緩冲区中的数据替换当前所述令牌内部存储的开机密 码, 将所述状态标识置为第三预设值, 显示提示已进入信息界面的 信息, 清除数据緩存区中的数据, 执行步骤 S15; 否则清除数据緩 存区中的数据, 执行步骤 S15;  [0085] Step S14: determining whether the data in the data buffer area is consistent with the preset, then replacing the power-on password stored in the current token with the data in the data buffer, and setting the status identifier to the third Preset value, display information indicating that the information has been entered, clear the data in the data buffer, step S15; otherwise clear the data in the data buffer, step S15;
[0086] 步骤 S15: 判断在预定时间内是否检测到所述按键标志被置 位, 是则执行步骤 Sl, 否则, 将所述开机标志复位, 进入休眠状态, 且当重新检测到所述^ 标志被置位后执行步骤 Sl。  [0086] Step S15: determining whether the button flag is set to be set within a predetermined time, if yes, performing step S1; otherwise, resetting the power-on flag, entering a sleep state, and when the ^ flag is detected again After being set, step S1 is performed.
[0087] 优选地, 所述步骤 S10 中还可以包括: 当所述状态标识为第 四预设值时执行步骤 S16; 当所述状态标识为第六预设值时执行步 骤 S17; 当所述状态标识为第七预设值时执行步骤 S18; 其中所述步 骤 S16、 步骤 S17、 步骤 S18具体为:  [0087] Preferably, the step S10 may further include: performing step S16 when the status identifier is a fourth preset value; performing step S17 when the status identifier is a sixth preset value; When the status identifier is the seventh preset value, step S18 is performed; where the step S16, the step S17, and the step S18 are specifically:
[0088] 步骤 S16:判断所述数据緩存区中的数据与所述动态令牌当前 存储的开机密码是否一致, 是则将所述状态标识置为第五预设值, 显示提示重新设定开机密码的信息,清除所述数据緩存区中的数据, 执行步骤 S15; 否则清除所述数据緩存区中的数据, 执行步骤 S15;  [0088] Step S16: determining whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to a fifth preset value, and displaying a prompt to reset the boot. The information of the password, clear the data in the data buffer, step S15; otherwise clear the data in the data buffer, step S15;
[0089] 相应地, 步骤 S8中当判断出所述被按下的^^被连续按下的 时间是超过预设时长时包括: 将所述状态标识置为第四预设值, 显 示提示输入当前开机密码的信息, 执行步骤 S15。 [0089] Correspondingly, when it is determined that the time when the pressed ^^ is continuously pressed exceeds the preset duration in step S8, the method includes: setting the status identifier to a fourth preset value, The prompting to input the information of the current power-on password is performed, and step S15 is performed.
[0090] 步骤 S17:判断所述数据緩存区中的数据与新开机密码是否一 致, 是则用所述新开机密码替换当前所述动态令牌内部存储的开机 密码, 将所述状态标识置为第三预设值, 显示提示已进入信息界面 的信息, 清除所述数据緩存区中的数据, 执行步骤 S15; 否则将所 述状态标识置为第五预设值, 显示提示重新设定开机密码的信息, 清除所述数据緩存区中的数据, 执行步骤 S15;  [0090] Step S17: determining whether the data in the data buffer is consistent with the new power-on password, and replacing the power-on password stored in the current dynamic token with the new power-on password, and setting the status identifier to The third preset value displays information indicating that the information has been entered, clears the data in the data buffer, and performs step S15; otherwise, sets the status identifier to a fifth preset value, and displays a prompt to reset the power-on password. Information, clear the data in the data buffer, step S15;
[0091] 相应地, 步骤 S14 中当判断出所述数据緩存区中的数据符合 预设条件时, 将所述数据緩存区中的数据存储为新开机密码, 将所 述状态标识置为第六预设值, 显示提示确认重新设定的开机密码的 信息, 清除所述数据緩存区中的数据, 执行步骤 S15。  Correspondingly, when it is determined in step S14 that the data in the data buffer meets the preset condition, the data in the data buffer is stored as a new power-on password, and the status identifier is set to a sixth. The preset value displays a message prompting to confirm the reset power-on password, clears the data in the data buffer, and executes step S15.
[0092] 步骤 S18: 将所述状态标识置为第三预设值, 执行步骤 S15。  [0092] Step S18: The state identifier is set to a third preset value, and step S15 is performed.
[0093] 相应地, 所述步骤 S13 中所述计算生成动态口令后还包括: 将所述状态标识置为第七预设值, 判断在所述动态口令失效前是否 检测到所述^ 标识被置位, 是则返回执行步骤 Sl, 否则当所述动 态口令失效时将所述状态标识置为第三预设值, 执行步骤 S15。  Correspondingly, after the calculating the dynamic password in the step S13, the method further includes: setting the status identifier to a seventh preset value, and determining whether the ^ identifier is detected before the dynamic password is invalidated. If yes, the process returns to step S1. Otherwise, when the dynamic password is invalid, the status flag is set to a third preset value, and step S15 is performed.
[0094] 实施例二  Embodiment 2
[0095] 为了有效地防止动态令牌被盗用、 动态令牌丢失、 种子文件 丟失以及群举的可能, 本发明实施例以电源键和删除键共用一个按 键、 数字按键 1~9作为第一数字键组、 数字键 0作为第二数字键组 为例提供了一种动态令牌的具体实现方法, 其中, 所述动态令牌通 常情况下处于休眠状态, 当有按键被按下时被唤醒, 并将按键标志 置位, 当电源键被连续按下超过预设时长, 或在预定时间内没有按 键输入时重新进入休眠状态, 同时将状态标识恢复为默认值、 保存 当前可用密码重试次数以及锁定标志的当前状态。 参见图 1、 图 2、 图 3、 图 4和图 5, 当检测到^^标志被置位后, 动态令牌执行以下 操作:  In order to effectively prevent the dynamic token from being stolen, the dynamic token is lost, the seed file is lost, and the group is raised, the power button and the delete button share a button and the number buttons 1 to 9 as the first number. The key group and the numeric key 0 are used as the second numeric key group as an example to provide a specific implementation method of the dynamic token. The dynamic token is normally in a sleep state, and is awakened when a button is pressed. And set the button flag, when the power button is continuously pressed for more than the preset duration, or re-enter the sleep state when there is no button input within the predetermined time, and at the same time restore the status flag to the default value, save the current available password retries and The current state of the lock flag. Referring to Figure 1, Figure 2, Figure 3, Figure 4, and Figure 5, when the ^^ flag is detected, the dynamic token performs the following operations:
[0096] 步骤 101: 清除按键标志, 扫描键盘, 判断被按下的按键的类 型, 若为电源键则执行步骤 102, 若为数字键 1-9中的任意键则执 行步骤 118, 若为数字键 0则执行步骤 127, 若为 OK键则执行步骤 139; [0096] Step 101: Clear the button flag, scan the keyboard, determine the type of the pressed button, if it is the power button, go to step 102, if it is any of the number keys 1-9, then execute Step 118, if it is a numeric key 0, step 127 is performed, if it is an OK key, step 139 is performed;
[0097] 步骤 102: 判断设备是否初始化, 是则执行步骤 106, 否则顺 序执行下一步;  [0097] Step 102: Determine whether the device is initialized, if yes, go to step 106, otherwise execute the next step in sequence;
[0098] 具体地, 设备初始化的过程即为向动态令牌中写入用户信息 的过程。  [0098] Specifically, the process of device initialization is a process of writing user information into a dynamic token.
[0099] 步骤 103: 液晶屏自检;  [0099] Step 103: LCD screen self-test;
[0100] 步骤 104: 判断预定时间内是否检测到按键标志被置位,是则 返回执行步骤 101, 否则顺序执行下一步;  [0100] Step 104: Determine whether the button flag is set to be set within the predetermined time, if yes, return to step 101, otherwise execute the next step in sequence;
[0101] 步骤 105: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0101] Step 105: a sleep state, and when the re-detection of the ^ flag is set, step 101 is performed;
[0102] 步骤 106: 检查开机标志是否被置位, 是则顺序执行下一步, 否则执行步骤 110;  [0102] Step 106: Check whether the boot flag is set, if yes, the next step is performed, otherwise step 110 is performed;
[0103] 步骤 107: 判断电源键被按下的时间是否超过预设时长,是则 顺序执行下一步, 否则执行步骤 109;  [0103] Step 107: determining whether the time when the power button is pressed exceeds the preset duration, if yes, the next step is performed, otherwise step 109 is performed;
[0104] 优选地, 本实施例中, 所述预设时长为 2秒。  [0104] Preferably, in this embodiment, the preset duration is 2 seconds.
[0105] 步骤 108: 将开才 1 志复位, 休眠状态, 且当重新检测到 ^^标志被置位后执行步骤 101;  [0105] Step 108: reset the open state, sleep state, and when it is detected that the ^^ flag is set, step 101 is performed;
[0106] 步骤 109: 删除数据緩存区末端的一个单元数据,显示相应数 字, 执行步骤 116, 若所述数据緩存区中没有数据, 则跳过本步骤 直 行步骤 116;  [0106] Step 109: Delete a unit data at the end of the data buffer area, display the corresponding number, and perform step 116. If there is no data in the data buffer area, skip this step and go straight to step 116;
[0107] 其中, 在所述数据緩存区中用一个单元数据表示一个数字, 所述一个字节数据为经过编码的或未经编码的, 所述显示相应数字 具体为显示数据緩存区中所有单元数据所对应的数字„  [0107] wherein, in the data buffer, a unit data is used to represent a number, the one byte data is encoded or uncoded, and the display corresponding number is specifically all units in the display data buffer area. The number corresponding to the data „
[0108] 步骤 110: 判断电源键被按下的时间是否超过预设时长,是则 顺序执行下一步, 否则执行步骤 112;  [0108] Step 110: It is determined whether the time when the power button is pressed exceeds the preset duration, if yes, the next step is performed, otherwise step 112 is performed;
[0109] 步骤 111: 休眠状态, 且当重新检测到^ 标志被置位后 执行步骤 101; [0110] 步骤 112: 将开机标志置位; [0109] Step 111: a sleep state, and when the re-detection of the ^ flag is set, step 101 is performed; [0110] Step 112: Set the boot flag;
[0111] 步骤 113: 检查锁定标志是否被置位, 是则顺序执行下一步, 否则执行步骤 115;  [0111] Step 113: Check whether the lock flag is set, if yes, the next step is performed, otherwise step 115 is performed;
[0112] 步骤 114:将状态标识置为第一预设值,显示输入解锁码界面, 执行步骤 116;  [0112] Step 114: Set the status identifier to the first preset value, display the input unlock code interface, and perform step 116;
[0113] 步骤 115: 将状态标识置为第二预设值, 显示输入开机密码界 面;  [0113] Step 115: Set the status identifier to a second preset value, and display an input power-on password interface;
[0114] 步骤 116: 判断预定时间内是否检测到按键标志被置位,是则 返回执行步骤 101, 否则顺序执行下一步;  [0114] Step 116: Determine whether the button flag is set to be set within the predetermined time, and then return to step 101, otherwise execute the next step in sequence;
[0115] 步骤 117: 将开机标志复位, 休眠状态, 且当重新检测到 标志被置位后执行步骤 101;  [0115] Step 117: reset the power-on flag, sleep state, and when the re-detection flag is set, perform step 101;
[0116] 步骤 118: 判断设备是否初始化, 是则执行步骤 122, 否则顺 序执行下一步;  [0116] Step 118: Determine whether the device is initialized, if yes, go to step 122, otherwise execute the next step in sequence;
[0117] 步骤 119: 显示相应数字;  [0117] Step 119: Display the corresponding number;
[0118] 步骤 120: 判断预定时间内是否检测到按键标志被置位,是则 返回执行步骤 101, 否则顺序执行下一步;  [0118] Step 120: Determine whether the button flag is set to be set within the predetermined time, and then return to step 101, otherwise execute the next step in sequence;
[0119] 步骤 121: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0119] Step 121: a sleep state, and when the re-detection of the ^ flag is set, step 101 is performed;
[0120] 步骤 122: 检查开机标志是否被置位, 是则执行步骤 124, 否 则顺序执行下一步;  [0120] Step 122: Check whether the boot flag is set, if yes, go to step 124, otherwise execute the next step in sequence;
[0121] 步骤 123: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0121] Step 123: The sleep state, and when the re-detected ^ flag is set, step 101 is performed;
[0122] 步骤 124:保存相应的数据到数据緩存区,并显示相应的数字; [0122] Step 124: Save the corresponding data to the data buffer area, and display the corresponding number;
[0123] 优选地, 在本实施例中, 当所述状态标识为第二预设值或第 四预设值或第五预设值或第六预设值时, 判断数据緩存区中单元数 据的个数是否已超过 6个, 是则保存最先或最后的 6个单元数据, 否则保存全部单元数据; 当所述状态标识为第一预设值时, 判断数 据緩存区中单元数据的个数是否超过 8个, 是则保存最先或最后 8 个单元数据, 否则保存全部单元数据; [0123] Preferably, in this embodiment, when the status identifier is a second preset value or a fourth preset value or a fifth preset value or a sixth preset value, determining unit data in the data buffer area Whether the number of the number has exceeded six, is to save the first or last 6 unit data, otherwise save all unit data; when the status identifier is the first preset value, determine the unit data in the data buffer area Whether the number is more than 8, is to save the first or last 8 Unit data, otherwise save all unit data;
[0124] 所述显示相应数字具体为显示数据緩存区中全部单元数据对 应的数字;  [0124] the display corresponding number is specifically a number corresponding to all unit data in the display data buffer area;
[0125] 其中,所述显示相应数字时可以显示明文也可以用 "-"或 "*" 等符号代替, 或先显示一段时间明文后, 用 "-" 或 "*" 等符号替 换明文, 当不同状态标识采用不同显示方式时, 根据所述状态标识 选择显示方式。  [0125] wherein, when the corresponding number is displayed, the plain text may be displayed or replaced by a symbol such as "-" or "*", or the plaintext is displayed after a period of time, and the plaintext is replaced with a symbol such as "-" or "*". When different status indicators adopt different display modes, the display mode is selected according to the status identifier.
[0126] 步骤 125: 判断预定时间内是否检测到按键标志被置位,是则 返回执行步骤 101, 否则顺序执行下一步;  [0126] Step 125: Determine whether the button flag is set to be set within the predetermined time, if yes, return to step 101, otherwise execute the next step sequentially;
[0127] 步骤 126: 将开才*志复位, ii 休眠状态, 且当重新检测到 标志被置位后执行步骤 101;  [0127] Step 126: reset the open state, ii sleep state, and when the re-detected flag is set, perform step 101;
[0128] 步骤 127: 判断设备是否初始化, 是则执行步骤 131, 否则顺 序执行下一步;  [0128] Step 127: Determine whether the device is initialized, if yes, go to step 131, otherwise execute the next step in sequence;
[0129] 步骤 128: 显示数字 0;  [0129] Step 128: Display the number 0;
[0130] 步骤 129: 判断预定时间内是否检测到按键标志被置位,是则 返回执行步骤 101, 否则顺序执行下一步;  [0130] Step 129: determining whether the button flag is set to be set within the predetermined time, if yes, returning to step 101, otherwise executing the next step sequentially;
[0131] 步骤 130: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0131] Step 130: a sleep state, and when the re-detection of the ^ flag is set, step 101 is performed;
[0132] 步骤 131: 检查开机标志是否被置位, 是则执行步骤 133, 否 则顺序执行下一步;  [0132] Step 131: Check whether the boot flag is set, if yes, go to step 133, otherwise execute the next step in sequence;
[0133] 步骤 132: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0133] Step 132: a sleep state, and when the re-detection of the ^ flag is set, step 101 is performed;
[0134] 步骤 133:检查状态标识,若所述状态标识为第三预设值则执 行步骤 135, 否则顺序执行下一步;  [0134] Step 133: Check the status identifier, and if the status identifier is the third preset value, perform step 135, otherwise execute the next step in sequence;
[0135] 步骤 134:保存相应的数据到数据緩存区,并显示相应的数字, 执行步骤 137;  [0135] Step 134: save the corresponding data to the data buffer, and display the corresponding number, perform step 137;
[0136] 具体地, 本步骤的具体方法与步骤 124相同, 在此不再赘述。 [0137] 步骤 135: 判断数字键 0被按下的时间是否超过预设时长,是 则顺序执行下一步, 否则执行步骤 137; [0136] Specifically, the specific method of this step is the same as step 124, and details are not described herein again. [0137] Step 135: determining whether the time when the numeric key 0 is pressed exceeds the preset duration, if yes, the next step is performed, otherwise step 137 is performed;
[0138] 步骤 136: 将状态标识置为第四预设值,显示修改开机密码界 面, 执行步骤 137;  [0138] Step 136: Set the status identifier to the fourth preset value, display the modified power-on password interface, and perform step 137;
[0139] 步骤 137: 判断预定时间内是否检测到按键标志被置位,是则 返回执行步骤 101, 否则顺序执行下一步;  [0139] Step 137: determining whether the button flag is set to be set within the predetermined time, if yes, returning to step 101, otherwise executing the next step sequentially;
[0140] 步骤 138: 将开才 1 志复位, 休眠状态, 且当重新检测到 ^^标志被置位时执行步骤 101;  [0140] Step 138: reset the open state, sleep state, and when it is detected that the ^^ flag is set, step 101 is performed;
[0141] 步骤 139: 判断设备是否初始化, 是则执行步骤 143, 否则顺 序执行下一步;  [0141] Step 139: Determine whether the device is initialized, if yes, go to step 143, otherwise execute the next step in sequence;
[0142] 步骤 140: 显示预设信息;  [0142] Step 140: Display preset information;
[0143] 具体的, 在本实施例中, 所述预设信息为 "成功"。  [0143] Specifically, in this embodiment, the preset information is “successful”.
[0144] 步骤 141: 判断预定时间内是否检测到按键标志被置位,是则 执行步骤 101, 否则顺序执行下一步;  [0144] Step 141: Determine whether the button flag is set to be set within the predetermined time, if yes, go to step 101, otherwise execute the next step in sequence;
[0145] 步骤 142: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0145] Step 142: The sleep state, and when the re-detection of the ^ flag is set, step 101 is performed;
[0146] 步骤 143: 检查开机标志是否被置位, 是则执行步骤 145, 否 则顺序执行下一步;  [0146] Step 143: Check whether the boot flag is set, if yes, go to step 145, otherwise execute the next step in sequence;
[0147] 步骤 144: 休眠状态,且当重新检测到^ 标志被置位后 执行步骤 101;  [0147] Step 144: The sleep state, and when the re-detection of the ^ flag is set, step 101 is performed;
[0148] 步骤 145: 检查状态标识, 若所述状态标识为第三预设值, 则 执行步骤 146, 若所述状态标识为第二预设值, 则执行步骤 149, 若 所述状态标识为第一预设值, 则执行步骤 151; 若所述状态标识为 第四预设值, 则执行步骤 157, 若所述状态标识为第五预设值, 则 执行步骤 160, 若所述状态标识为第六预设值, 则执行步骤 163, 若 所述状态标识为第七预设值, 则执行步骤 166;  [0148] Step 145: Check the status identifier, if the status identifier is the third preset value, perform step 146. If the status identifier is the second preset value, perform step 149, if the status identifier is If the status identifier is the fourth preset value, step 157 is performed, and if the status identifier is the fifth preset value, step 160 is performed, if the status identifier is For the sixth preset value, step 163 is performed, if the status identifier is the seventh preset value, step 166 is performed;
[0149] 步骤 146: 计算生成动态口令, 将状态标识置为第七预设值, 显示与所述动态口令相对应的内容; [0150] 具体地, 在本实施例中, 所述动态令牌计算生成 6位的动态 口令, 所述计算生成动态口令可以为根据时间因子(或事件因子) 和预先存储在所述动态令牌中的静态因子生成动态口令, 或根据时 间因子(或事件因子)、数据緩存区中的数据和预先存储在所述动态 令牌中的静态因子生成动态口令, 在此不做限定; [0149] Step 146: Calculate and generate a dynamic password, set the status identifier to a seventh preset value, and display content corresponding to the dynamic password. [0150] Specifically, in this embodiment, the dynamic token calculation generates a 6-bit dynamic password, and the calculation generates a dynamic password, which may be based on a time factor (or an event factor) and pre-stored in the dynamic token. The static factor in the dynamic password is generated, or the dynamic password is generated according to the time factor (or event factor), the data in the data buffer, and the static factor pre-stored in the dynamic token, which is not limited herein;
[0151] 优选地, 在本实施例中, 所述显示相应数据具体为显示所述 动态口令的前 4位, 后 2位用符号 "-" 代替;  [0151] Preferably, in the embodiment, the displaying corresponding data is specifically displaying the first 4 digits of the dynamic password, and the last 2 digits are replaced by the symbol "-";
[0152] 进一步地, 还可以显示时间条, 用于表示当前动态口令剩余 的有效时间。  [0152] Further, a time bar may also be displayed for indicating the remaining effective time of the current dynamic password.
[0153] 步骤 147:判断在所述动态口令有效时是否检测到按键标志被 置位, 是则返回执行步骤 101, 否则当所述动态口令失效时顺序执 行下一步  [0153] Step 147: Determine whether the button flag is set when the dynamic password is valid, and then return to step 101, otherwise execute the next step when the dynamic password fails.
[0154] 步骤 148: 将状态标识设为第三预设值, 显示信息界面, 执行 步骤 167;  [0154] Step 148: The status identifier is set to a third preset value, the information interface is displayed, and step 167 is performed;
[0155] 步骤 149: 计算生成解锁码驗证码, 并判断数据緩存区中的数 据是否与所述解锁码验证码一致, 是则顺序执行下一步, 否则执行 步骤 155;  [0155] Step 149: Calculate the generated unlock code verification code, and determine whether the data in the data buffer is consistent with the unlock code verification code, and then execute the next step sequentially, otherwise step 155 is performed;
[0156] 具体地, 所述动态令牌根据静态因子和时间因子(或事件因 子), 或根据静态因子、 时间因子(或事件因子)和数据緩存区中的 数据, 采用预设算法计算生成三个 8位解锁码验证码, 所述三个解 锁码^ iE码分别对应当前时间因子的前一个时间因子, 当前时间因 子, 当前时间因子的后一个时间因子或当前事件因子、 后一个相邻 事件因子、 后一个间隔的事件因子;  [0156] Specifically, the dynamic token is calculated and generated according to a static factor and a time factor (or an event factor), or according to a static factor, a time factor (or an event factor), and data in a data buffer. An 8-bit unlock code verification code, the three unlock code ^ iE codes respectively correspond to a previous time factor of the current time factor, a current time factor, a subsequent time factor of the current time factor or a current event factor, and a subsequent adjacent event Factor, event factor of the next interval;
[0157] 进一步地, 所述数据緩存区中的相应数字是否与所述解锁码 码一致具体为与所述动态令牌计算生成的三个解锁码验证码中 的任意一个相同。  [0157] Further, whether the corresponding number in the data buffer is consistent with the unlock code is specifically the same as any one of the three unlock code verification codes generated by the dynamic token calculation.
[0158] 步骤 150: 清除数据緩存区中的数据, 将锁定标志复位, 将状 态标识置为第五预设值, 显示设定新开机密码界面, 执行步骤 167;  [0158] Step 150: Clear the data in the data buffer, reset the lock flag, set the status flag to the fifth preset value, display the set new power-on password interface, and perform step 167;
[0159] 步骤 151:判断数据緩存区中的数据是否与所述动态令牌中存 储的开机密码一致, 是则执行步骤 156, 否则顺序执行下一步; [0159] Step 151: Determine whether data in the data buffer is stored in the dynamic token. The stored power-on passwords are the same, if yes, go to step 156, otherwise execute the next step in sequence;
[0160] 步骤 152: 清除数据緩存区中的数据,计算当前密码重试次数 减 1, 结果作为可用密码重试次数;  [0160] Step 152: Clear the data in the data buffer area, calculate the current password retry count minus 1, and the result is the number of available password retry times;
[0161] 具体地, 在本实施例中, 如果是第一次执行本步骤, 所述当 前密码重试次数的初始值为 6, 否则所述当前密码重试次数是上一 次执行本步骤时计算得到的可用密码重试次数。  [0161] Specifically, in this embodiment, if the step is performed for the first time, the initial value of the current password retry count is 6, otherwise the current password retry count is calculated when the step is executed last time. The number of available password retries.
[0162] 步骤 153: 判断所述可用密码重试次数是否为 0, 是则将锁定 标志置位, 顺序执行步骤 154, 否则直接执行步骤 154;  [0162] Step 153: Determine whether the number of available password retries is 0, if yes, set the lock flag, step 154 is performed in sequence, otherwise step 154 is directly executed;
[0163] 步骤 154:提示开机密码错误以及可用密码重试次数,顺序执 行步骤 155;  [0163] Step 154: prompting the power-on password error and the number of available password retries, step 155 is performed in sequence;
[0164] 步骤 155: 清除数据緩存区中的数据, 返回执行步骤 113;  [0164] Step 155: Clear the data in the data buffer, return to step 113;
[0165] 步骤 156: 清除数据緩存区中的数据,将状态标识置为第三预 设值, 显示信息界面, 执行步骤 167;  [0165] Step 156: Clear the data in the data buffer, set the status identifier to the third preset value, display the information interface, and perform step 167;
[0166] 步骤 157:判断数据緩存区中的数据是否与所述动态令牌中存 储的开机密码一致, 是则顺序执行下一步, 否则执行步骤 159;  [0166] Step 157: determining whether the data in the data buffer is consistent with the power-on password stored in the dynamic token, if yes, the next step is performed, otherwise step 159 is performed;
[0167] 步骤 158: 清除数据緩存区中的数据,将状态标识置为第五预 设值, 显示设定新开机密码界面, 执行步骤 167;  [0167] Step 158: Clear the data in the data buffer, set the status flag to the fifth preset value, display the setting of the new power-on password interface, and perform step 167;
[0168] 步骤 159: 清除数据緩存区中的数据, 提示开机密码错误, 执 行步骤 167;  [0168] Step 159: Clear the data in the data buffer, prompting the power-on password error, and executing step 167;
[0169] 步骤 160: 判断数据緩存区中的数据是否符合预设 是则 顺序执行下一步, 否则执行步骤 162;  [0169] Step 160: determining whether the data in the data buffer area meets the preset, then executing the next step in sequence, otherwise performing step 162;
[0170] 优选地, 在本实施例中, 所述数据緩存区中的数据满足预设 frfr具体为: 所述数据緩存区中的数据对应 6位 0~9的数字„  [0170] Preferably, in this embodiment, the data in the data buffer meets the preset frfr, and the data in the data buffer corresponds to 6 digits 0-9.
[0171] 步骤 161: 清除数据緩存区中的数据,将用户输入的数据存储 为 P1 , 将状态标识置为第六预设值, 显示确认新开机密码界面, 执 行步骤 167;  [0171] Step 161: Clear the data in the data buffer, store the data input by the user as P1, set the status identifier to the sixth preset value, display the confirmation of the new power-on password interface, and execute step 167;
[0172] 步骤 162:清除数据緩存区中的数据,提示修改开机密码失败, 执行步骤 167; [0173] 步骤 163: 判断数据緩存区中的数据是否与 PI相同, 是则执 行步骤 165, 否则顺序执行下一步; [0172] Step 162: Clear the data in the data buffer, prompting to modify the power-on password failed, step 167; [0173] Step 163: Determine whether the data in the data buffer area is the same as the PI, if yes, go to step 165, otherwise execute the next step in sequence;
[0174] 步骤 164:清除数据緩存区中的数据,提示修改开机密码失败, 将状态标识置为第五预设值, 显示设定新开机密码界面, 执行步骤 [0174] Step 164: Clear the data in the data buffer area, prompting to modify the power-on password fails, setting the status identifier to the fifth preset value, displaying the setting a new power-on password interface, and performing the steps
167; 167;
[0175] 步骤 165: 清除数据緩存区中的数据, 用所述 P1替换动态令 牌内部存储的开机密码, 将状态标识置为第三预设值, 显示信息界 面, 执行步骤 167;  [0175] Step 165: Clear the data in the data buffer area, replace the power-on password stored in the dynamic token with the P1, set the status identifier to the third preset value, display the information interface, and perform step 167;
[0176] 步骤 166: 将状态标识置为第三预设值, 显示信息界面;  [0176] Step 166: Set the status identifier to a third preset value, and display an information interface.
[0177] 步骤 167: 判断在预定时间内是否检测到^^标志被置位,是 则返回执行步骤 101, 否则顺序执行下一步;  [0177] Step 167: Determine whether the ^^ flag is set to be set within a predetermined time, and then return to step 101, otherwise execute the next step in sequence;
[0178] 步骤 168: 将开才*志复位, ii 休眠状态, 且当重新检测到 标志被置位后执行步骤 101。  [0178] Step 168: reset the open state, ii sleep state, and execute step 101 after the re-detected flag is set.
[0179] 实施例三  [0179] Embodiment 3
[0180] 为了有效地防止动态令牌被盗用、 动态令牌丢失、 种子文件 丢失以及群举的可能, 本发明实施例提供了另一种动态令牌的工作 方法, 其中, 所述动态令牌通常情况下处于休眠状态, 当有按键被 按下时被唤醒, 将按键标志置位, 当电源键被连续按下超过预设时 长, 或在预定时间内没有按键输入时重新进入休眠状态, 同时将状 态标识恢复为默认值、 保存当前可用密码重试次数以及锁定标志的 当前状态。  [0180] In order to effectively prevent the dynamic token from being stolen, the dynamic token is lost, the seed file is lost, and the group is raised, the embodiment of the present invention provides another dynamic token working method, where the dynamic token is used. Normally in the sleep state, wake up when a button is pressed, set the button flag, re-enter the sleep state when the power button is continuously pressed for more than the preset duration, or when there is no button input within the predetermined time. Restores the status ID to the default value, saves the current number of available password retries, and the current status of the lock flag.
[0181] 当检测到所述按键标志被置位, 且动态令牌未完成初始化时, 所述动态令牌根据被按下的按键的类型检测液晶屏和键盘是否可 用;  [0181] when detecting that the button flag is set, and the dynamic token is not initialized, the dynamic token detects whether the liquid crystal screen and the keyboard are available according to the type of the pressed button;
[0182] 当检测到所述按键标志被置位, 且动态令牌已经完成初始化 时, 动态令牌执行以下操作:  [0182] When it is detected that the button flag is set and the dynamic token has been initialized, the dynamic token performs the following operations:
[0183] 步骤 201: 清除按键标志, 扫描按键, 判断被按下的按键的类 型, 若为电源键则执行步骤 202, 若为删除键则执行步骤 203, 若为 数字键则执行步骤 204, 若为确认键则执行步骤 206; [0184] 优选地, 在本实施例中, 为防止静电等干扰和按键本身的抖 动引起的^^标志被置位, 当令牌检测到^:标志被置位后还包括 按键消抖处理, 具体为: 当检测到按键标志被置位后判断按键被按 下的时间是否超过预设时间,是则执行步骤 Sl,否则清除^^标志, 休眠状态, 继续等待按键标志被置位, 其中检测按键被按下的 时间的办法可为多种, 在此不做限定; [0183] Step 201: Clear the button flag, scan the button, determine the type of the pressed button, if it is the power button, go to step 202, if it is the delete button, go to step 203, if it is the number button, go to step 204, if Steps 206 are performed for confirming the key; [0184] Preferably, in this embodiment, in order to prevent interference such as static electricity and the jitter of the button itself from being set, when the token detects that the ^: flag is set, the button debounce processing is further included. Specifically, when it is detected that the button is pressed, it is determined whether the time when the button is pressed exceeds the preset time, then step S1 is performed, otherwise the ^^ flag is cleared, the sleep state is continued, and the waiting button flag is set, wherein the detection is performed. There are a plurality of ways in which the button is pressed, which is not limited herein;
[0185] 优选地, 在本实施例中, 所述预设时间为 20亳秒。  [0185] Preferably, in this embodiment, the preset time is 20 亳 seconds.
[0186] 还可以采用硬件电路实现按键消抖处理,具体可根据 RS触发 器的特性实现。  [0186] The key circuit debounce processing can also be implemented by using a hardware circuit, which can be specifically implemented according to the characteristics of the RS trigger.
[0187] 步骤 202: 检查开机标志,  [0187] Step 202: Check the boot flag,
[0188] 当所述开机标志被置位时, 将所述开机标志复位, 进入休眠 状态, 当重新检测到所述^ ^标志被置位后执行步骤 201;  [0188] When the power-on flag is set, the power-on flag is reset, enters a sleep state, and when it is detected that the ^^ flag is set, step 201 is performed;
[0189] 当所述开机标志未被置位时, 将所述开机标志置位, 执行步 骤 203;  [0189] When the boot flag is not set, the boot flag is set, step 203 is performed;
[0190] 步骤 203:检查锁定标志是否被置位,是则显示提示动态令牌 已锁定的信息, 将状态标识置为第一预设值, 显示提示输入解锁码 的信息, 执行步骤 212; 否则将所述状态标识置为第二预设值, 显 示提示输入开机密码的信息, 执行步骤 212;  [0190] Step 203: Check whether the lock flag is set. If yes, the information indicating that the dynamic token is locked is displayed, and the status identifier is set to the first preset value, and the information indicating that the unlock code is prompted to be displayed is performed, and step 212 is performed; otherwise, Setting the status identifier to a second preset value, displaying information prompting to input a power-on password, performing step 212;
[0191] 步骤 204: 检查所述开机标志, 当所述开机标志被置位时, 检 查状态标识, 删除相应緩存区末端的一个单元数据,显示相应数字, 执行步骤 212,若所述相应緩存区中没有数据,则直接执行步骤 212; 当所述开机标志未被置位时, 休眠状态, 当重新检测到所述按 键标志被置位后执行步骤 201;  [0191] Step 204: Check the boot flag, when the boot flag is set, check the status identifier, delete a unit data at the end of the corresponding buffer area, display the corresponding number, and perform step 212, if the corresponding buffer area If there is no data, step 212 is performed directly; when the power-on flag is not set, the sleep state, when it is detected that the button flag is set, step 201 is performed;
[0192] 具体地, 所述检查状态标识, 删除相应緩存区末端的一个单 元数据包括:  [0192] Specifically, the checking the status identifier, deleting a unit data at the end of the corresponding buffer area, includes:
[0193] 检查状态标识, 若为第一预设值则删除解锁码緩冲区末端的 一个单元数据; 若为第二预设值或第四预设值则删除开机密码緩存 区末端的一个单元数据; 若为第五预设值则删除新开机密码緩存区 末端的一个单元数据; 若为第六预设值则删除确认新开机密码緩存 区末端的一个单元数据; 若为其它则不做处理; [0193] checking the status identifier, if it is the first preset value, deleting one unit data at the end of the unlock code buffer; if it is the second preset value or the fourth preset value, deleting a unit at the end of the power-on password buffer area Data; if it is the fifth preset value, delete one unit data at the end of the new power-on password buffer; if it is the sixth preset value, delete and confirm the new power-on password cache. a unit of data at the end of the zone; if not, it is not processed;
[0194] 其中, 在所述数据緩存区中用一个单元数据表示一个数字, 所述一个单元数据为经过编码的或未经编码的;  [0194] wherein, in the data buffer, a unit data is used to represent a number, and the unit data is encoded or uncoded;
[0195] 所述显示相应数字具体包括: 显示所述数据緩存区中全部单 元数据所对应的数字, 显示的相应数字为数据明文或符号 "-" 或先 显示固定时间数据明文后用符号 "-" 代替所述数据明文, 当所述 状态标识的不同预设值对应不同的显示方式时, 具体根据所述状态 标识的当前值选择显示方式。  [0195] The displaying the corresponding number specifically includes: displaying a number corresponding to all the unit data in the data buffer, and displaying the corresponding number as the data plaintext or the symbol "-" or displaying the fixed time data in plain text and then using the symbol "- When the different preset values of the status identifiers correspond to different display modes, the display mode is selected according to the current value of the status identifiers.
[0196] 步骤 205: 检查所述开机标志, 当所述开机标志被置位时, 检 查状态标识, 根据按键的键值保存相应数据到相应緩存区, 执行步 骤 212; 当所述开机标志未被置位时, 休眠状态, 当重新检测 到所述按键标志被置位后执行步骤 201;  [0196] Step 205: Check the boot flag, when the boot flag is set, check the status identifier, save the corresponding data according to the key value of the button to the corresponding buffer area, and perform step 212; when the boot flag is not When set, in the sleep state, when it is re-detected that the button flag is set, step 201 is performed;
[0197] 具体地, 所述检查状态标识, 根据按键的键值保存相应数据 到相应緩存区包括: 检查状态标识, 若为第一预设值则保存相应数 据到解锁码緩存区; 若为第二或第四预设值则保存相应数据到开机 密码緩存区;若为第五预设值则保存相应数据到新开机密码緩存区; 若为第六预设值则保存相应数据到确认新开机密码緩存区; 若为其 它则不做处理;  [0197] Specifically, the checking status identifier, saving the corresponding data according to the key value of the button to the corresponding buffer area includes: checking the status identifier, and if the first preset value is, saving the corresponding data to the unlock code buffer area; The second or fourth preset value saves the corresponding data to the power-on password buffer area; if it is the fifth preset value, the corresponding data is saved to the new power-on password buffer area; if it is the sixth preset value, the corresponding data is saved to confirm the new boot. Password buffer; if it is other, it will not be processed;
[0198] 其中, 所述保存相应数据到相应数据緩存区具体包括: 根据 所述状态标识判断相应緩存区中单元数据的个数是否已超过预设个 数, 是则保存最先或最后的预设个数的单元数据, 否则保存全部单 元数据。  [0198] The saving the corresponding data to the corresponding data buffer area specifically includes: determining, according to the status identifier, whether the number of unit data in the corresponding buffer area has exceeded a preset number, and saving the first or last pre- Set the number of unit data, otherwise save all unit data.
[0199] 步骤 206: 检查所述开机标志, 当所述开机标志被置位时, 检 查所述状态标识, 当所述状态标识为第三预设值时判断所述按键被 连续按下的时间是否超过预设时长, 是则将所述状态标识置为第五 预设值, 显示提示重新设定开机密码的信息, 执行步骤 212, 否则 直接执行步骤 212, 当所述状态标识不为第三预设值时保存相应数 据到相应緩存区, 并显示相应数字, 执行步骤 212; 当所述开机标 志未被置位时, 进入休眠状态, 当重新检测到所述按键标志被置位 后执行步骤 211; [0200] 具体地, 所述当所述状态标识不为第三预设值时保存相应数 据到相应緩存区包括: 若为第一预设值则保存相应数据到解锁码緩 存区; 若为第二或第四预设值则保存相应数据到开机密码緩存区; 若为第五预设值则保存相应数据到新开机密码緩存区; 若为第六预 设值则保存相应数据到确认新开机密码緩存区; 若为其它则不做处 理。 [0199] Step 206: Check the boot flag, when the boot flag is set, check the status identifier, and when the status identifier is the third preset value, determine the time when the button is continuously pressed. If the preset duration is exceeded, the status identifier is set to the fifth preset value, and the information indicating that the power-on password is reset is displayed, and step 212 is performed. Otherwise, step 212 is directly performed, and when the status identifier is not the third When the preset value is saved, the corresponding data is saved to the corresponding buffer area, and the corresponding number is displayed, and step 212 is performed; when the power-on flag is not set, the sleep state is entered, and when the button flag is re-detected, the step is performed. 211; [0200] Specifically, when the status identifier is not the third preset value, saving the corresponding data to the corresponding buffer area includes: if the first preset value is, saving the corresponding data to the unlock code buffer area; The second or fourth preset value saves the corresponding data to the power-on password buffer area; if it is the fifth preset value, the corresponding data is saved to the new power-on password buffer area; if it is the sixth preset value, the corresponding data is saved to confirm the new boot. Password buffer; if it is other, it will not be processed.
[0201] 步骤 207: 检查所述开机标志, 当所述开机标志被置位时, 检 查所述状态标识, 当所述状态标识为第一预设值时执行步骤 208, 当所述状态标识为第二预设值时执行步骤 209, 当所述状态标识为 第三预设值时执行步骤 210; 当所述状态标识为第五预设值时执行 步骤 211; 当所述开机标志未被置位时, 休眠状态, 当重新检 测到所述按键标志被置位后执行步骤 201;  [0201] Step 207: Check the boot flag, when the boot flag is set, check the status identifier, and when the status identifier is the first preset value, perform step 208, when the status identifier is Step 209 is performed when the second preset value is performed, and step 210 is performed when the status identifier is the third preset value; and step 211 is performed when the status identifier is the fifth preset value; Bit, in the sleep state, when it is re-detected that the button flag is set, step 201 is performed;
[0202] 步骤 208: 计算生成解锁码驗证码, 并判断解锁码緩存区中的 数据与计算生成的解锁码验证码是否一致, 是则将所述锁定标志复 位, 将所述状态标识置为第五预设值, 显示提示用户重新设定开机 密码的信息, 清除解锁码緩存区中的数据, 执行步骤 212; 否则清 除解锁码緩存区中的数据, 返回执行步骤 203;  [0202] Step 208: Calculate and generate an unlock code verification code, and determine whether the data in the unlock code buffer area is consistent with the calculated unlock code verification code, and then reset the lock flag, and set the status flag to The fifth preset value, displaying information prompting the user to reset the power-on password, clearing the data in the unlock code buffer area, performing step 212; otherwise clearing the data in the unlock code buffer area, returning to step 203;
[0203] 具体地, 所述计算生成解锁码验证码的方法与实施例二中计 算生成解锁码验证码的方法相同, 在此不再赘述。  [0203] Specifically, the method for calculating the unlock code verification code is the same as the method for calculating the unlock code verification code in the second embodiment, and details are not described herein again.
[0204] 步骤 209:判断所述开机密码緩存区中的数据与所述动态令牌 当前存储的开机密码是否一致, 是则将所述状态标识置为第三预设 值, 显示提示已进入信息界面的信息, 清除开机密码緩存区中的数 据, 执行步骤 212; 否则将所述锁定标志置位, 清除开机密码緩存 区中的数据, 返回执行步骤 203;  [0204] Step 209: It is determined whether the data in the power-on password buffer area is consistent with the power-on password currently stored by the dynamic token, and the status identifier is set to a third preset value, and the prompt information has been entered. Interface information, clear the data in the power-on password buffer, step 212; otherwise set the lock flag, clear the data in the power-on password buffer, return to step 203;
[0205] 优选地, 所述动态令牌中可设置有可用密码重试次数;  [0205] Preferably, the number of available password retries may be set in the dynamic token;
[0206] 相应地: 当所述锁定标志未被置位时, 判断所述开机密码緩 存区中的数据与所述动态令牌当前存储的开机密码是否一致, 是则 将所述状态标识置为第三预设值,显示提示已进入信息界面的信息, 并将所述可用密码重试次数置为初始值, 清除开机密码緩存区中的 数据, 执行步骤 212; 否则清除开机密码緩存区中的数据, 计算所 述可用密码重试次数减 1, 结果作为当前可用密码重试次数, 判断 当前可用密码重试次数是否为 0, 是则将所述锁定标志置位, 返回 执行步骤 203, 否则直接返回执行步骤 203。 [0206] Correspondingly: when the lock flag is not set, determining whether the data in the power-on password buffer is consistent with the power-on password currently stored by the dynamic token, and then setting the status identifier to The third preset value displays information indicating that the information interface has been entered, and sets the number of available password retry times to an initial value, clears the data in the power-on password buffer area, and performs step 212; otherwise, clears the power-on password buffer area. Data, calculation office The number of available password retries is reduced by 1, and the result is used as the number of currently available password retries to determine whether the current available password retries is 0. If yes, the lock flag is set, and the process returns to step 203. Otherwise, the process returns directly to step 203. .
[0207] 步骤 210: 计算生成动态口令,显示与所述动态口令相对应的 内容, 执行步骤 212;  [0207] Step 210: Calculate the generated dynamic password, display the content corresponding to the dynamic password, and perform step 212;
[0208] 具体地, 所述计算生成动态口令的方法与实施例二中计算生 成动态口令的方法相同, 在此不再赘述。  [0208] Specifically, the method for calculating the dynamic password is the same as the method for calculating the dynamic password in the second embodiment, and details are not described herein again.
[0209] 步骤 211: 判断新开机密码緩存区中的数据是否符合预设条 件, 是则用所述新开机密码緩存区中的数据替换当前所述令牌内部 存储的开机密码, 将所述状态标识置为第三预设值, 显示提示已进 入信息界面的信息,清除新开机密码緩存区中的数据,执行步骤 212; 否则清除新开机密码緩存区中的数据, 执行步骤 212;  [0209] Step 211: determining whether the data in the new power-on password buffer area meets a preset condition, and replacing the power-on password stored in the current token with the data in the new power-on password buffer area, where the status is The identifier is set to the third preset value, the information indicating that the information interface has been entered is displayed, the data in the new power-on password buffer area is cleared, and step 212 is performed; otherwise, the data in the new power-on password buffer area is cleared, and step 212 is performed;
[0210] 步骤 212: 判断在预定时间内是否检测到所述按键标志被置 位, 是则执行步骤 201, 否则, 将所述开机标志复位, 进入休眠状 态, 且当重新检测到所述^ 标志被置位后执行步骤 201。  [0210] Step 212: Determine whether the button flag is detected to be set within a predetermined time, if yes, execute step 201, otherwise, reset the boot flag, enter a sleep state, and when the ^ flag is detected again After being set, step 201 is performed.
[0211] 优选地, 所述步骤 207 中还可以包括: 当所述状态标识为第 四预设值时执行步骤 213; 当所述状态标识为第六预设值时执行步 骤 214; 当所述状态标识为第七预设值时执行步骤 215; 其中所述步 骤 213、 步骤 214、 步骤 215具体为:  [0211] Preferably, the step 207 may further include: performing step 213 when the status identifier is a fourth preset value; performing step 214 when the status identifier is a sixth preset value; When the status identifier is the seventh preset value, step 215 is performed; where the step 213, step 214, and step 215 are specifically:
[0212] 步骤 213:判断开机密码緩存区中的数据与所述动态令牌当前 存储的开机密码是否一致, 是则将所述状态标识置为第五预设值, 显示提示重新设定开机密码的信息,清除开机密码緩存区中的数据, 执行步骤 212; 否则清除开机密码緩存区中的数据, 执行步骤 212;  [0212] Step 213: Determine whether the data in the power-on password buffer area is consistent with the power-on password currently stored by the dynamic token, and then set the status identifier to a fifth preset value, and display a prompt to reset the power-on password. For clearing the data in the power-on password buffer, go to step 212; otherwise, clear the data in the power-on password buffer, go to step 212;
[0213] 相应地, 步骤 206 中当判断出所述被按下的^^被连续按下 的时间是超过预设时长时包括: 将所述状态标识置为第四预设值, 显示提示输入当前开机密码的信息, 执行步骤 212。  [0213] Correspondingly, when it is determined that the pressed time of the pressed ^^ is more than the preset duration, the method includes: setting the status identifier to a fourth preset value, displaying the prompt input For the current power-on password, go to step 212.
[0214] 步骤 214:判断确认开机密码緩存区中的数据与新开机密码是 否一致, 是则用所述新开机密码替换当前所述动态令牌内部存储的 开机密码, 将所述状态标识置为第三预设值, 显示提示已进入信息 界面的信息, 清除确认开机密码緩存区中的数据, 执行步骤 212; 否则将所述状态标识置为第五预设值, 显示提示重新设定开机密码 的信息, 清除确认开机密码緩存区中的数据, 执行步骤 212; [0214] Step 214: Determine whether the data in the power-on password buffer area is consistent with the new power-on password, and replace the power-on password stored in the current dynamic token with the new power-on password, and set the status identifier to The third preset value, indicating that the prompt has entered the information If the information in the interface is cleared, the data in the power-on password buffer area is cleared, and step 212 is performed; otherwise, the status identifier is set to the fifth preset value, and the information indicating that the power-on password is reset is displayed, and the confirmation in the power-on password buffer area is cleared. Data, performing step 212;
[0215] 相应地, 步骤 211 中当判断出新开机密码緩存区中的数据符 合预设条件时, 将新开机密码緩存区中的数据存储为新开机密码, 将所述状态标识置为第六预设值, 显示提示确认重新设定的开机密 码的信息, 清 开机密码緩存区中的数据, 执行步骤 212。  [0215] Correspondingly, when it is determined in step 211 that the data in the new power-on password buffer area meets the preset condition, the data in the new power-on password buffer area is stored as a new power-on password, and the status identifier is set to sixth. The preset value displays a message prompting to confirm the reset power-on password, and clears the data in the password buffer area, and step 212 is performed.
[0216] 步骤 215: 将所述状态标识置为第三预设值, 执行步骤 212。  [0216] Step 215: Set the status identifier to a third preset value, and perform step 212.
[0217] 相应地, 所述步骤 210 中所述计算生成动态口令后还包括: 将所述状态标识置为第七预设值, 判断在所述动态口令失效前是否 检测到所述按键标识被置位, 是则返回执行步骤 201, 否则当所述 动态口令失效时将所述状态标识置为第三预设值, 执行步骤 212。  [0217] Correspondingly, after the calculating the dynamic password in the step 210, the method further includes: setting the status identifier to a seventh preset value, and determining whether the button identifier is detected before the dynamic password is invalidated. If yes, the process returns to step 201. Otherwise, when the dynamic password is invalid, the status flag is set to a third preset value, and step 212 is performed.
[0218] 具体地, 在本实施例中, 所述解锁码緩存区和开机码緩存区 使用同一个存储区域。 此外也可以有其他的緩存区共享方式, 如解 锁码緩存区和新开机码緩存区共用一个存储区域等。  [0218] Specifically, in this embodiment, the unlock code buffer area and the boot code buffer area use the same storage area. In addition, there may be other buffer sharing modes, such as the unlocking code buffer area and the new boot code buffer area sharing a storage area.
[0219] 以上所述, 仅为本发明的具体实施方式, 但本发明的保护范 围并不局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的 技术范围内, 可轻易想到变化或替换, 都应涵盖在本发明的保护范 围之内。 因此, 本发明的保护范围应所述以权利要求的保护范围为 准。  The above description is only the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims.

Claims

权 利 要 求 Rights request
1、 一种动态令牌的工作方法, 其特征在于, 当所述动态令牌检 测到其按键标志被置位后包括:  A working method of a dynamic token, characterized in that, after the dynamic token detects that a button flag is set, the method includes:
(步骤 A )清除按键标志, 扫描按键, 判断被按下的按键的类 型, 若为电源键则执行步骤 B, 若为删除键则执行步骤 D, 若为第 一数字键组中的任意按键则执行步驟 E, 若为第二数字键组中的任 意按键则执行步骤 F, 若为确认键则执行步骤 G;  (Step A) Clear the button mark, scan the button, and judge the type of the pressed button. If it is the power button, go to step B. If it is the delete button, go to step D. If it is any button in the first number button group, Step E is performed, if any key in the second number key group is executed, step F is performed, and if it is a confirmation key, step G is performed;
(步骤 B )检查开机标志, 当所述开机标志被置位时, 将所述 开机标志复位, ¾A休眠状态; 当所述开机标志未被置位时, 将所 述开机标志置位, 执行步骤 C;  (Step B) checking the boot flag, when the boot flag is set, resetting the boot flag, 3⁄4A sleep state; when the boot flag is not set, setting the boot flag, performing steps C;
(步骤 C )检查锁定标志, 若所述锁定标志被置位则将状态标 识置为第一预设值, 执行步骤 L; 若所述锁定标志未被置位则将所 述状态标识置为第二预设值, 执行步骤 L;  (Step C) checking the lock flag, if the lock flag is set, setting the status flag to the first preset value, performing step L; if the lock flag is not set, the status flag is set to Two preset values, performing step L;
(步骤 D )检查所述开机标志, 当所述开机标志被置位时, 删 除数据緩存区末端的一个单元数据, 显示相应数字, 执行步骤 L; 当所述开机标志未被置位时, 休眠状态;  (Step D) checking the boot flag, when the boot flag is set, deleting a cell data at the end of the data buffer, displaying the corresponding number, performing step L; when the boot flag is not set, sleeping State
(步骤 E )检查所述开才 L 志, 当所述开才 L 志被置位时, 保 存相应数据到所述数据緩存区, 并显示相应数字, 执行步驟 L; 当 所述开机标志未被置位时, 进入休眠状态;  (Step E) checking the open L, when the open L is set, saving the corresponding data to the data buffer, and displaying the corresponding number, performing step L; when the boot flag is not When set, enters the sleep state;
(步骤 F )检查所述开机标志,  (Step F) checking the boot flag,
当所述开机标志被置位且所述状态标识为第三预设值时, 判断 所述被按下的按键被连续按下的时间是否超过预设时长, 是则将所 述状态标识置为第五预设值, 执行步骤 L, 否则直接执行步骤 L; 当所述开机标志被置位且所述状态标识不为第三预设值时, 保 存相应的数据到所述数据緩存区, 并显示相应数字, 执行步骤 L; 当所述开机标志未被置位时, 休眠状态; (步骤 G )检查所述开机标志, When the power-on flag is set and the state identifier is a third preset value, it is determined whether the pressed button is continuously pressed for more than a preset duration, and the state identifier is set to The fifth preset value, step L is performed, otherwise step L is directly executed; when the power-on flag is set and the state identifier is not the third preset value, the corresponding data is saved to the data buffer area, and Display the corresponding number, perform step L; when the power-on flag is not set, the sleep state; (Step G) checking the boot flag,
当所述开机标志被置位时, 检查所述状态标识, 若所述状态标 识为第一预设值则执行步骤 H,若为第二预设值则执行步骤 I,若为 第三预设值则执行步骤 J, 若为第五预设值则执行步骤 K;  When the power-on flag is set, the status indicator is checked. If the status identifier is the first preset value, step H is performed. If the second preset value is the second step, step I is performed. The value is performed in step J, and if it is the fifth preset value, step K is performed;
当所述开机标志未被置位时, 休眠状态;  When the boot flag is not set, the sleep state;
(步骤 Η )计算生成解锁码验证码, 并判断所述数据緩存区中 的数据与计算生成的解锁码验证码是否一致, 是则将所述锁定标志 复位, 将所述状态标识置为第五预设值, 清除所述数据緩存区中的 数据, 执行步骤 L; 否则清除所述数据緩存区中的数据, 返回执行 步骤 C;  (Step Η) calculating an unlock code verification code, and determining whether the data in the data buffer is consistent with the calculated unlock code verification code, and resetting the lock flag to set the status flag to the fifth Preset value, clear the data in the data buffer, perform step L; otherwise clear the data in the data buffer, return to step C;
(步骤 I )判断所述数据緩存区中的数据与所述动态令牌内部当 前存储的开机密码是否一致,是则将所述状态标识置为第三预设值 , 清除所述数据緩存区中的数据, 执行步骤 L; 否则清除所述数据緩 存区中的数据, 将所述锁定标志置位, 返回执行步骤 C;  (Step 1) determining whether the data in the data buffer is consistent with the power-on password currently stored in the dynamic token, and then setting the status identifier to a third preset value, and clearing the data buffer. Data, perform step L; otherwise clear the data in the data buffer, set the lock flag, return to step C;
(步骤 J )计算生成动态口令, 显示与所述动态口令相对应的 内容, 执行步骤 L;  (Step J) calculating a dynamic password, displaying the content corresponding to the dynamic password, performing step L;
(步骤 Κ )判断所述数据緩存区中的数据是否符合预设 是则用所述数据緩存区中的数据替换所述动态令牌内部当前存储的 开机密码, 清除所述数据緩存区中的数据, 将所述状态标识置为第 三预设值, 执行步骤 L; 否则清除所述数据緩存区中的数据, 执行 步骤 L;  (Step Κ) determining whether the data in the data buffer area is consistent with the preset, replacing the power-on password currently stored in the dynamic token with the data in the data buffer area, and clearing the data in the data buffer area. Set the status identifier to a third preset value, and perform step L; otherwise, clear the data in the data buffer area, and perform step L;
(步骤 L )判断在预定时间内是否检测到所述按键标志被置位, 是则返回执行步骤 Α; 否则将所述开机标志复位, 进入休眠状态。  (Step L) It is judged whether the button flag is detected to be set within a predetermined time, and if yes, return to the execution step Α; otherwise, the power-on flag is reset to enter a sleep state.
2、根据权利要求 1所述的方法, 其特征在于, 当所述动态令牌 检测到其按键标志被置位后还包括: 判断所述动态令牌是否已完成 初始化, 是则执行步骤 A, 否则所述动态令牌根据被按下的按键的 类型检测液晶屏和按键是否可用。 The method according to claim 1, wherein when the dynamic token detects that the button flag is set, the method further comprises: determining whether the dynamic token has been completed Initialization, yes, step A is performed, otherwise the dynamic token detects whether the LCD screen and the button are available according to the type of the pressed button.
3、根据权利要求 1所述的方法, 其特征在于, 当所述动态令牌 判断出被按下的按键为所述电源键后还包括: 判断所述电源键被连 续按下的时间是否超过了预设时长, 是则执行步驟 B, 否则执行步 骤0。 The method according to claim 1, wherein when the dynamic token determines that the pressed button is the power button, the method further comprises: determining whether the time when the power button is continuously pressed exceeds The preset duration is, then step B is performed, otherwise step 0 is executed.
4、根据权利要求 1所述的方法, 其特征在于, 所述动态令牌中 设置有可用密码重试次数, 当所述动态令牌进入休眠状态时, 将所 述状态标识恢复为默认值, 保存当前可用密码重试次数以及所述锁 定标志的状态,且当重新检测到所述按键标志被置位时执行步骤 A; 相应地, 所述步骤 I中:  The method according to claim 1, wherein the dynamic token is set with the number of available password retries, and when the dynamic token enters a sleep state, the status identifier is restored to a default value. Saving the current number of available password retries and the status of the lock flag, and performing step A when it is re-detected that the button flag is set; correspondingly, in step I:
当判断出所述数据緩存区中的数据与所述动态令牌内部当前存 储的开机密码一致时还包括:将所述可用密码重试次数置为初始值; 当判断出所述数据緩存区中的数据与所述动态令牌内部当前存 储的开机密码不一致时具体包括: 清除所述数据緩存区中的数据, 计算所述可用密码重试次数减 1 , 结果作为当前可用密码重试次数, 判断当前可用密码重试次数是否为 0, 是则将所述锁定标志置位, 执行步骤 L, 否则直接执行步骤 L;  When it is determined that the data in the data buffer is consistent with the power-on password currently stored in the dynamic token, the method further includes: setting the number of available password retries to an initial value; and determining that the data buffer is in the buffer When the data is inconsistent with the power-on password currently stored in the dynamic token, the method includes: clearing data in the data buffer, calculating the number of available password retries minus 1, and determining the number of retries for the currently available password. Whether the number of currently available password retries is 0, if yes, the lock flag is set, step L is performed, otherwise step L is directly executed;
其中, 在所述步骤 D中, 当所述开机标志被置位时, 若所述数 据緩存区中没有数据, 则直接执行步骤 L;  Wherein, in the step D, when the power-on flag is set, if there is no data in the data buffer, step L is directly performed;
在所述数据緩存区中用一个单元数据表示一个数字, 所述一个 单元数据为经过编码的或未经编码的;  Denoting a number in the data buffer with a unit data, the unit data being encoded or uncoded;
所述保存相应数据到数据緩存区具体包括: 根据所述状态标识 判断所述数据緩存区中单元数据的个数是否已超过预设个数, 是则 保存最先或最后的预设个数的单元数据, 否则保存全部单元数据; 所述显示相应数字具体包括: 显示所述数据緩存区中全部单元 数据所对应的数字, 显示的相应数字为数据明文或符号 "-" 或先显 示固定时间数据明文后用符号 "-"代替所述数据明文, 当所述状态 标识的不同预设值对应不同的显示方式时, 具体根据所述状态标识 的当前值选择显示方式。 The saving the corresponding data to the data buffer area specifically includes: determining, according to the status identifier, whether the number of unit data in the data buffer area has exceeded a preset number, Saving the first or last preset number of unit data, otherwise saving all the unit data; the displaying the corresponding number specifically includes: displaying the number corresponding to all the unit data in the data buffer area, and displaying the corresponding number as the data plaintext Or the symbol "-" or the fixed time data plaintext is displayed first, and the data plaintext is replaced by the symbol "-". When different preset values of the state identifier correspond to different display modes, the current value according to the state identifier is specifically determined. Select the display method.
5、 根据权利要求 1所述的方法, 其特征在于, 5. The method of claim 1 wherein:
所述计算生成解锁码 码具体包括: 所述动态令牌根据其内 部的静态因子和动态因子, 或根据所述数据緩存区中的数据及其内 部的静态因子和动态因子, 采用预设算法计算生成一个或多个预设 位长的解锁码 码, 其中所述动态因子为时间因子或事件因子; 当生成一个解锁码 码时, 所述动态因子为当前动态因子; 当生成多个解锁码驺^£码时, 所述动态因子为以当前动态因子 为中点或为起点的多个动态因子;  The calculating the unlock code includes: the dynamic token is calculated according to a static factor and a dynamic factor thereof, or according to the data in the data buffer and the internal static factor and the dynamic factor, and is calculated by using a preset algorithm. Generating an unlock code of one or more preset bit lengths, where the dynamic factor is a time factor or an event factor; when generating an unlock code, the dynamic factor is a current dynamic factor; when generating multiple unlock codes 驺When the code is ^, the dynamic factor is a plurality of dynamic factors with the current dynamic factor as the midpoint or starting point;
判断所述数据緩存区中的数据与计算生成的解锁码验证码是否 一致具体为: 判断所述数据緩存区中的数据是否与所述一个解锁码 ^相同或是否与所述多个解锁码^^中的任意一个相同。  Determining whether the data in the data buffer is consistent with the calculated unlock code verification code is: determining whether the data in the data buffer is the same as the one unlock code or whether the multiple unlock code is Any one of ^ is the same.
6、 根据权利要求 1所述的方法, 其特征在于, 6. The method of claim 1 wherein:
所述计算生成动态口令具体包括: 所述动态令牌根据动态因子 和预先存储在所述动态令牌中的静态因子, 或根据动态因子、 所述 数据緩存区中的数据和预先存储在所述动态令牌中的静态因子生成 长度为 6位的动态口令, 其中, 所述动态因子为时间因子或事件因 子;  The calculating the dynamic password specifically includes: the dynamic token according to a dynamic factor and a static factor pre-stored in the dynamic token, or according to a dynamic factor, data in the data buffer, and pre-stored in the The static factor in the dynamic token generates a dynamic password of length 6 bits, wherein the dynamic factor is a time factor or an event factor;
所述显示与所述动态口令相对应的内容具体为显示所述动态口 令的前 4位, 其后 2位用符号 "-" 代替。 The displaying the content corresponding to the dynamic password is specifically displaying the dynamic port The first 4 digits of the order, the next 2 digits are replaced by the symbol "-".
7、 根据权利要求 1所述的方法, 其特征在于, 所述步骤 G中 还包括: 当所述状态标识为第四预设值时执行步骤 M, 其中所述步 骤 M具体包括:判断所述数据緩存区中的数据与所述动态令牌当前 存储的开机密码是否一致 , 是则将所述状态标识置为第五预设值, 清除所述数据緩存区中的数据, 执行步骤 L; 否则清除所述数据緩 存区中的数据, 执行步骤 L; The method according to claim 1, wherein the step G further comprises: performing step M when the status identifier is a fourth preset value, where the step M comprises: determining the Whether the data in the data buffer is consistent with the power-on password currently stored by the dynamic token, and the state identifier is set to a fifth preset value, and the data in the data buffer is cleared, and step L is performed; otherwise Clearing the data in the data buffer, performing step L;
相应地, 步骤 F中当判断出所述被按下的 ^被连续按下的时 间超过预设时长时包括: 将所述状态标识置为第四预设值, 执行步 骤1_  Correspondingly, when it is determined in step F that the pressed time is continuously pressed for more than the preset duration, the method includes: setting the status identifier to a fourth preset value, and executing step 1_
8、 根据权利要求 1所述的方法, 其特征在于, 所述步骤 G中 还包括: 当所述状态标识为第六预设值时执行步骤 N, 其中所述步 骤 N具体包括: The method according to claim 1, wherein the step G further comprises: performing step N when the status identifier is a sixth preset value, where the step N specifically includes:
判断所述数据緩存区中的数据与新开机密码是否一致, 是则用 所述新开机密码替换当前所述动态令牌内部存储的开机密码, 将所 述状态标识置为第三预设值, 清除所述数据緩存区中的数据, 执行 步骤 L; 否则清除所述数据緩存区中的数据, 将所述状态标识置为 第五预设值, 执行步骤 L;  Determining whether the data in the data buffer is consistent with the new power-on password, and replacing the power-on password stored in the current dynamic token with the new power-on password, and setting the state identifier to a third preset value. Clearing the data in the data buffer, performing step L; otherwise clearing the data in the data buffer, setting the status identifier to a fifth preset value, performing step L;
相应地, 步骤 K中当判断出所述数据緩存区中的数据符合预设 条件时, 将所述数据緩存区中的数据存储为新开机密码, 将所述状 态标识置为第六预设值, 清除所述数据緩存区中的数据, 执行步骤 L。  Correspondingly, when it is determined that the data in the data buffer area meets the preset condition, the data in the data buffer area is stored as a new power-on password, and the status identifier is set to a sixth preset value. , clear the data in the data buffer, and perform step L.
9、 根据权利要求 1所述的方法, 其特征在于, 所述步骤 G中 还包括: 当所述状态标识为第七预设值时执行步骤 o, 其中所述步 骤 O具体包括: 将所述状态标识置为第三预设值, 执行步骤 L; 相应地, 所述步骤 J 中所述计算生成动态口令后还包括: 将所 述状态标识置为第七预设值, 判断在所述动态口令失效前是否检测 到所述按键标识被置位, 是则返回执行步骤 A, 否则当所述动态口 令失效时将所述状态标识置为第三预设值, 执行步骤 9. The method according to claim 1, wherein in the step G The method further includes: performing the step o when the status identifier is the seventh preset value, where the step O specifically includes: setting the status identifier to a third preset value, performing step L; correspondingly, the step After the calculating the dynamic password, the method further includes: setting the status identifier to a seventh preset value, determining whether the button identifier is set before the dynamic password expires, and returning to step A. Otherwise, when the dynamic password fails, the status identifier is set to a third preset value, and the steps are performed.
10、 根据权利要求 1所述的方法, 其特征在于, 当所述动态令 牌检测到按键标志被置位后还包括按键消抖处理, 具体为: 10. The method according to claim 1, wherein when the dynamic token detects that the button flag is set, the button debounce processing is further included, specifically:
当检测到按键标志被置位后判断按键被按下的时间是否超过预 设时间, 是则执行步骤 A, 否则清除按键标志, 进入休眠状态, 继 续等待^^标志被置位。  When it is detected that the button is pressed and the time when the button is pressed exceeds the preset time, step A is performed, otherwise the button flag is cleared, the sleep state is entered, and the wait for the ^^ flag is set.
11、 一种动态令牌的工作方法, 其特征在于, 当所述动态令牌 检测到其按键标志被置位后包括: A working method of a dynamic token, characterized in that, after the dynamic token detects that a button flag is set, the method includes:
(步骤 a )清除按键标志、 扫描按键, 判断被按下的按键的类 型, 若为电源键则执行步骤 b, 若为删除键则执行步骤 d, 若为第一 数字键组中的任意按键则执行步骤 e, 若为第二数字键组中的任意 则执行步骤 f, 若为确认键则执行步骤 g;  (Step a) Clear the button mark and scan button to judge the type of the pressed button. If it is the power button, execute step b. If it is the delete button, execute step d. If it is any button in the first number button group, Step e is performed, if it is any of the second number key group, step f is performed, and if it is a confirmation key, step g is performed;
(步骤 b )检查开机标志, 当所述开机标志被置位时, 将所述 开机标志复位, ¾A休眠状态; 当所述开机标志未被置位时, 将所 述开机标志置位, 执行步骤 c;  (Step b) checking the boot flag, when the boot flag is set, resetting the boot flag, 3⁄4A sleep state; when the boot flag is not set, setting the boot flag, performing steps c;
(步骤 c )检查锁定标志, 若所述锁定标志被置位则将状态标 识置为第一预设值,执行步骤 1; 若所述锁定标志未被置位则将所述 状态标识置为第二预设值, 执行步骤 1;  (Step c) checking the lock flag, if the lock flag is set, setting the status flag to the first preset value, performing step 1; if the lock flag is not set, the status flag is set to Two preset values, performing step 1;
(步骤 d )检查所述开机标志, 当所述开机标志被置位时, 检 查状态标识,删除相应緩存区末端的一个单元数据, 显示相应数字, 执行步骤 1; 当所述开才*志未被置位时, 休眠状态; (Step d) checking the boot flag, when the boot flag is set, check Check the status identifier, delete a unit data at the end of the corresponding buffer area, display the corresponding number, perform step 1; when the open status is not set, the sleep state;
(步骤 e )检查所述开机标志, 当所述开机标志被置位时, 检 查状态标识, 保存相应数据到相应緩存区, 并显示相应数字, 执行 步骤 1; 当所述开机标志未被置位时, 休眠状态;  (Step e) checking the boot flag, when the boot flag is set, checking the status identifier, saving the corresponding data to the corresponding buffer area, and displaying the corresponding number, performing step 1; when the boot flag is not set Hibernation state
(步骤 f )检查所述开机标志,  (Step f) Check the boot flag,
当所述开机标志被置位且所述状态标识为第三预设值时, 判断 所述被按下的按键被连续按下的时间是否超过预设时长, 是则将所 述状态标识置为第五预设值, 执行步骤 1, 否则直接执行步骤 1;  When the power-on flag is set and the state identifier is a third preset value, it is determined whether the pressed button is continuously pressed for more than a preset duration, and the state identifier is set to The fifth preset value, step 1 is performed, otherwise step 1 is directly executed;
当所述开机标志被置位且所述状态标识不为第三预设值时, 检 查状态标识, 保存相应数据到相应緩存区, 并显示相应数字, 执行 步骤 1;  When the power-on flag is set and the status identifier is not the third preset value, check the status identifier, save the corresponding data to the corresponding buffer area, and display the corresponding number, and perform step 1;
当所述开机标志未被置位时, 休眠状态;  When the boot flag is not set, the sleep state;
(步骤 g )检查所述开机标志,  (Step g) Check the boot flag,
当所述开机标志被置位时, 检查所述状态标识, 若所述状态标 识为第一预设值则执行步骤 h, 若为第二预设值则执行步骤 i, 若为 第三预设值则执行步骤 j, 若为第五预设值则执行步骤 k;  When the power-on flag is set, the status indicator is checked. If the status indicator is the first preset value, step h is performed. If the second preset value is used, step i is performed. The value is performed in step j, and if it is the fifth preset value, step k is performed;
当所述开机标志未被置位时, itA^休眠状态;  When the boot flag is not set, itA^ sleep state;
(步骤 h )计算生成解锁码验证码, 并判断解锁码数据緩存区 中的数据与计算生成的解锁码验证码是否一致, 是则将所述锁定标 志复位, 将所述状态标识置为第五预设值, 清除所述解锁码緩存区 中的数据, 执行步骤 1; 否则清除所述解锁码緩存区中的数据, 返回 执行步骤 c;  (Step h) calculating an unlock code verification code, and determining whether the data in the unlock code data buffer is consistent with the calculated unlock code verification code, and resetting the lock flag to set the status flag to the fifth Preset value, clear the data in the unlock code buffer, perform step 1; otherwise clear the data in the unlock code buffer, return to step c;
(步骤 i )判断开机密码緩存区中的数据与所述动态令牌内部当 前存储的开机密码是否一致,是则将所述状态标识置为第三预设值, 清除所述开机密码緩存区中的数据,执行步骤 1; 否则清除所述开机 密码緩存区中的数据, 将所述锁定标志置位, 返回执行步骤 C; (Step i) determining whether the data in the power-on password buffer area is consistent with the power-on password currently stored in the dynamic token, and then setting the status identifier to a third preset value, and clearing the power-on password buffer area Data, perform step 1; otherwise clear the boot The data in the password buffer, set the lock flag, and return to step C;
(步骤 j )计算生成动态口令,显示与所述动态口令相对应的内 容, 执行步骤 1;  (Step j) calculating a dynamic password, displaying the content corresponding to the dynamic password, performing step 1;
(步骤 k )判断新开机密码緩存区中的数据是否符合预设条件, 是则用所述新开机密码緩存区中的数据替换所述动态令牌内部当前 存储的开机密码, 清除所述新开机密码緩存区中的数据, 将所述状 态标识置为第三预设值,执行步骤 1; 否则清除所述新开机密码緩存 区中的数据, 执行步骤 1;  (Step k) determining whether the data in the new power-on password buffer area meets the preset condition, and replacing the current power-on password currently stored in the dynamic token with the data in the new power-on password buffer area, and clearing the new power-on password The data in the password buffer is set to the third preset value, and step 1 is performed; otherwise, the data in the new power-on password buffer is cleared, and step 1 is performed;
(步骤 1 )判断在预定时间内是否检测到所述按键标志被置位, 是则返回执行步骤 A; 否则将所述开机标志复位, 进入休眠状态。  (Step 1) It is judged whether the button flag is detected to be set within a predetermined time, and if yes, return to step A; otherwise, the power-on flag is reset to enter a sleep state.
12、根据权利要求 11所述的方法, 其特征在于, 当所述动态令 牌检测到其按键标志被置位后还包括: 判断所述动态令牌是否已完 成初始化, 是则执行步骤 a, 否则所述动态令牌根据被按下的按键 的类型检测液晶屏和按键是否可用。 The method according to claim 11, wherein after the dynamic token detects that the button flag is set, the method further comprises: determining whether the dynamic token has been initialized, and executing step a, Otherwise, the dynamic token detects whether the LCD screen and the button are available according to the type of button pressed.
13、根据权利要求 11所述的方法, 其特征在于, 当所述动态令 牌判断出被按下的按键为所述电源键后还包括: 判断所述电源键被 连续按下的时间是否超过了预设时长, 是则执行步骤 b, 否则执行 步骤 d。 The method according to claim 11, wherein after the dynamic token determines that the pressed button is the power button, the method further comprises: determining whether the time when the power button is continuously pressed exceeds The preset duration is, then step b is performed, otherwise step d is performed.
14、根据权利要求 11所述的方法, 其特征在于, 所述动态令牌 中设置有可用密码重试次数, 当所述动态令牌进入休眠状态时, 将 所述状态标识恢复为默认值, 保存当前可用密码重试次数以及所述 锁定标志的状态, 且当重新检测到所述按键标志被置位时执行步骤 a; 相应地所述步骤 i中: The method according to claim 11, wherein the dynamic token is set with the number of available password retries, and when the dynamic token enters a sleep state, the status identifier is restored to a default value. Saving the current number of available password retries and the status of the lock flag, and performing step a when it is re-detected that the button flag is set; Correspondingly in step i:
当判断出所述开机密码緩存区中的数据与所述动态令牌内部当 前存储的开机密码一致时还包括: 将所述可用密码重试次数置为初 始值;  When it is determined that the data in the power-on password buffer is consistent with the power-on password currently stored in the dynamic token, the method further includes: setting the number of available password retry times to an initial value;
判断出所述开机密码緩存区中的数据与所述动态令牌内部当前 存储的开机密码不一致时具体包括: 清除所述开机密码緩存区中的 数据, 计算所述可用密码重试次数减 1, 结果作为当前可用密码重 试次数, 判断当前可用密码重试次数是否为 0, 是则将所述锁定标 志置位, 执行步骤 1, 否则直接执行步骤 1;  Determining, when the data in the power-on password buffer area is inconsistent with the power-on password currently stored in the dynamic token, specifically: clearing data in the power-on password buffer area, and calculating the number of available password retry times by one, As a result, as the number of currently available password retries, it is determined whether the number of currently available password retries is 0, if yes, the lock flag is set, step 1 is performed, otherwise step 1 is directly executed;
其中, 所述步骤 d中,  Wherein, in the step d,
当所述开机标志被置位时, 若所 目应緩存区中没有数据, 则 直 行步骤 1;  When the power-on flag is set, if there is no data in the buffer area, go to step 1;
所述检查状态标识,删除相应緩存区末端的一个单元数据包括: 检查状态标识, 若为第一预设值则删除解锁码緩冲区末端的一个单 元数据; 若为第二预设值或第四预设值则删除开机密码緩存区末端 的一个单元数据; 若为第五预设值则删除新开机密码緩存区末端的 一个单元数据; 若为第六预设值则删除确认新开机密码緩存区末端 的一个单元数据; 若为其它则不做处理;  The checking status identifier, deleting a unit data at the end of the corresponding buffer area, includes: checking a status identifier, if the first preset value is deleted, deleting one unit data at the end of the unlock code buffer; if it is a second preset value or The fourth preset value deletes one unit data at the end of the power-on password buffer area; if it is the fifth preset value, deletes one unit data at the end of the new power-on password buffer area; if it is the sixth preset value, deletes and confirms the new power-on password buffer. a unit of data at the end of the zone; if not, it is not processed;
在所 目应緩存区中用一个单元数据表示一个数字, 所述一个 单元数据为经过编码的或未经编码的;  A unit is represented by a unit data in the desired buffer area, and the unit data is encoded or uncoded;
所述检查状态标识, 保存相应数据到相应緩存区包括: 检查状 态标识, 若为第一预设值则保存相应数据到解锁码緩存区; 若为第 二或第四预设值则保存相应数据到开机密码緩存区; 若为第五预设 值则保存相应数据到新开机密码緩存区; 若为第六预设值则保存相 应数据到确认新开机密码緩存区; 若为其它则不做处理;  The checking status identifier, and saving the corresponding data to the corresponding buffer area includes: checking the status identifier, if the first preset value is, saving the corresponding data to the unlock code buffer area; if the second or fourth preset value is, saving the corresponding data Go to the power-on password buffer area; if it is the fifth preset value, save the corresponding data to the new power-on password buffer area; if it is the sixth preset value, save the corresponding data to confirm the new power-on password buffer area; if it is other, it will not be processed. ;
所述保存相应数据到相应緩存区具体包括: 根据所述状态标识 判断所述相应緩存区中单元数据的个数是否已超过预设个数, 是则 保存最先或最后的预设个数的单元数据, 否则保存全部单元数据; 所述显示相应数字具体包括: 显示所述数据緩存区中全部单元 数据所对应的数字, 显示的相应数字为数据明文或符号 "-" 或先显 示固定时间数据明文后用符号 "-"替代所述数据明文, 当所述状态 标识的不同预设值对应不同的显示方式时, 具体根据所述状态标识 的当前值选择显示方式。 The saving the corresponding data to the corresponding buffer area specifically includes: identifying the status according to the status Determining whether the number of unit data in the corresponding buffer area has exceeded a preset number, and storing the first or last preset number of unit data, otherwise storing all unit data; the displaying the corresponding number specifically includes: Displaying the number corresponding to all the unit data in the data buffer, and displaying the corresponding number as the data plaintext or the symbol "-" or displaying the fixed time data plaintext first and then replacing the data plaintext with the symbol "-", when the state When different preset values of the identifiers correspond to different display modes, the display mode is selected according to the current value of the state identifiers.
15、根据权利要求 11所述的方法, 其特征在于, 所述当所述状 态标识不为第三预设值时保存相应数据到相应緩存区包括: 若为第 一预设值则保存相应数据到解锁码緩存区; 若为第二或第四预设值 则保存相应数据到开机密码緩存区; 若为第五预设值则保存相应数 据到新开机密码緩存区; 若为第六预设值则保存相应数据到确认新 开机密码緩存区; 若为其它则不做处理。 The method according to claim 11, wherein the saving the corresponding data to the corresponding buffer area when the status identifier is not the third preset value comprises: saving the corresponding data if the first preset value is To the unlock code buffer area; if it is the second or fourth preset value, save the corresponding data to the power-on password buffer; if it is the fifth preset value, save the corresponding data to the new power-on password buffer; if it is the sixth preset The value will save the corresponding data to confirm the new power-on password buffer; if it is other, it will not be processed.
16、根据权利要求 11所述的方法, 其特征在于, 所述步骤 g中 还包括: 当所述状态标识为第四预设值时执行步骤 m, 其中所述步 骤 m具体包括: 判断所述开机密码緩存区中的数据与所述动态令牌 当前存储的开机密码是否一致, 是则将所述状态标识置为第五预设 值, 清除所述开机密码緩存区中的数据, 执行步骤 1; 否则清除所述 开机密码緩存区中的数据, 执行步骤 1; The method of claim 11, wherein the step g further comprises: performing step m when the status identifier is a fourth preset value, where the step m specifically comprises: determining the Whether the data in the power-on password buffer is consistent with the power-on password currently stored in the dynamic token, and the state identifier is set to a fifth preset value, and the data in the power-on password buffer is cleared, and step 1 is performed. Otherwise, clear the data in the power-on password buffer, and perform step 1;
相应地, 步骤 f 中当判断出所述被按下的 被连续按下的时 间是超过预设时长时包括: 将所述状态标识置为第四预设值, 执行 步骤 1。  Correspondingly, when it is determined that the pressed continuous pressed time exceeds the preset duration in step f, the method includes: setting the status identifier to a fourth preset value, and performing step 1.
17、根据权利要求 11所述的方法, 其特征在于, 所述步骤 g中 还包括: 当所述状态标识为第六预设值时执行步骤 n, 其中所述步 骤 n具体包括: The method according to claim 11, wherein in the step g The method further includes: performing step n when the status identifier is a sixth preset value, where the step n specifically includes:
判断所述确认开机密码緩存区中的数据与新开机密码是否一 致, 是则用所述新开机密码替换当前所述动态令牌内部存储的开机 密码, 将所述状态标识置为第三预设值, 清除所述确认开机密码緩 存区中的数据,执行步骤 1; 否则清除所述确认开机密码緩存区中的 数据, 将所述状态标识置为第五预设值, 执行步骤 1;  Determining whether the data in the confirmation power-on password buffer is consistent with the new power-on password, and replacing the power-on password stored in the current dynamic token with the new power-on password, and setting the status identifier to a third preset. Value, clear the data in the confirmation power-on password buffer, perform step 1; otherwise, clear the data in the confirmation power-on password buffer, set the status identifier to a fifth preset value, and perform step 1;
相应地, 步骤 k中当判断出所述新开机密码緩存区中的数据符 合预设条件时, 将所述新开机密码緩存区中的数据存储为新开机密 码, 将所述状态标识置为第六预设值, 清除所述新开机密码緩存区 中的数据, 执行步骤 1。  Correspondingly, when it is determined in step k that the data in the new power-on password buffer area meets a preset condition, the data in the new power-on password buffer area is stored as a new power-on password, and the status identifier is set to Six preset values, clear the data in the new power-on password buffer, and perform step 1.
18、根据权利要求 11所述的方法, 其特征在于, 所述步骤 g中 还包括: 当所述状态标识为第七预设值时执行步骤 o, 其中所述步 骤。具体包括: 将所述状态标识置为第三预设值, 执行步骤 1; 相应地, 所述步骤 j 中所述计算生成动态口令后还包括: 将所 述状态标识置为第七预设值, 判断在所述动态口令失效前是否检测 到所述按键标识被置位, 是则返回执行步骤 a, 否则当所述动态口 令失效时将所述状态标识置为第三预设值, 执行步骤 1。  The method according to claim 11, wherein the step g further comprises: performing step o, wherein the step is performed when the status identifier is a seventh preset value. The method includes: setting the status identifier to a third preset value, and performing step 1; correspondingly, after the calculating the dynamic password in the step j, the method further includes: setting the status identifier to a seventh preset value Determining whether the button identifier is set before the dynamic password is invalid, if yes, returning to step a, otherwise, when the dynamic password is invalid, setting the status identifier to a third preset value, and performing steps 1.
19、根据权利要求 11所述的方法, 其特征在于, 当所述动态令 牌检测到按键标志被置位后还包括按鍵消抖处理, 具体为:  The method according to claim 11, wherein when the dynamic token detects that the button flag is set, the button debounce processing is further included, specifically:
当检测到按键标志被置位后判断按键被按下的时间是否超过预 设时间, 是则执行步驟 a, 否则清除按键标志, 进入休眠状态, 继 续等待^^标志被置位。  When it is detected that the button is pressed and the time when the button is pressed exceeds the preset time, step a is performed, otherwise the button flag is cleared, the sleep state is entered, and the wait ^^ flag is set.
PCT/CN2012/083828 2012-03-31 2012-10-31 One-time password operating method WO2013143281A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/233,245 US9413752B2 (en) 2012-03-31 2012-10-31 One-time password operating method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210094070.9A CN102611556B (en) 2012-03-31 2012-03-31 Working method of dynamic token
CN201210094070.9 2012-03-31

Publications (1)

Publication Number Publication Date
WO2013143281A1 true WO2013143281A1 (en) 2013-10-03

Family

ID=46528728

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/083828 WO2013143281A1 (en) 2012-03-31 2012-10-31 One-time password operating method

Country Status (3)

Country Link
US (1) US9413752B2 (en)
CN (1) CN102611556B (en)
WO (1) WO2013143281A1 (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611556B (en) * 2012-03-31 2014-10-29 飞天诚信科技股份有限公司 Working method of dynamic token
CN102801531B (en) * 2012-09-04 2015-03-04 飞天诚信科技股份有限公司 Working method of dynamic password based on sound transmission
CN103227720B (en) * 2013-03-12 2015-09-23 飞天诚信科技股份有限公司 A kind of button processing method being applied to dynamic token
CN103209077B (en) * 2013-04-15 2015-12-02 飞天诚信科技股份有限公司 A kind of unlock method being applicable to dynamic token
CN103312508A (en) * 2013-05-15 2013-09-18 飞天诚信科技股份有限公司 Working method of dynamic token
CN103312517B (en) * 2013-06-28 2016-04-06 飞天诚信科技股份有限公司 A kind of Dualpurpose installation shares the implementation method of display screen and button
CN103391195B (en) * 2013-07-01 2016-04-06 飞天诚信科技股份有限公司 A kind of method of work of dynamic token
CN105302653A (en) * 2015-11-18 2016-02-03 合肥宝龙达光电技术有限公司 Circuit structure used for preventing start of tablet computer caused by mistakenly touching power key
DE102016213104A1 (en) * 2016-07-18 2018-01-18 bitagentur GmbH & Co. KG Token-based authentication with signed message
CN106780921A (en) * 2016-12-28 2017-05-31 深圳小熊管家科技有限公司 Electronic lock and its cipher set-up method and setting device
US11956404B2 (en) * 2018-06-14 2024-04-09 Kyocera Document Solutions Inc. Authentication device and image forming apparatus
CN110837628B (en) * 2018-08-16 2023-03-14 比亚迪股份有限公司 Encryption and decryption method and device for terminal equipment, computer equipment and storage medium
CN112907926B (en) * 2019-12-04 2022-07-29 惠州视维新技术有限公司 Control method of remote control equipment, storage medium and remote control equipment
CN113904892B (en) * 2021-09-16 2022-12-30 浙江零跑科技股份有限公司 Method for resetting vehicle operation password
CN113722720B (en) * 2021-10-29 2022-02-18 苏州浪潮智能科技有限公司 System starting method and related device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309268A (en) * 2008-05-21 2008-11-19 北京飞天诚信科技有限公司 Dynamic token preventing false trigger and control method thereof
CN102307101A (en) * 2011-09-09 2012-01-04 飞天诚信科技股份有限公司 Method and device for processing dynamic token and trigger signal of dynamic token
CN102611556A (en) * 2012-03-31 2012-07-25 飞天诚信科技股份有限公司 Working method of dynamic token

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1886269A4 (en) * 2005-05-19 2010-05-05 Sandisk Il Ltd Transaction authentication by a token, contingent on personal presence
US9137012B2 (en) * 2006-02-03 2015-09-15 Emc Corporation Wireless authentication methods and apparatus
US8661258B2 (en) * 2009-10-23 2014-02-25 Vasco Data Security, Inc. Compact security device with transaction risk level approval capability
CN101789864B (en) * 2010-02-05 2012-10-10 中国工商银行股份有限公司 On-line bank background identity identification method, device and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309268A (en) * 2008-05-21 2008-11-19 北京飞天诚信科技有限公司 Dynamic token preventing false trigger and control method thereof
CN102307101A (en) * 2011-09-09 2012-01-04 飞天诚信科技股份有限公司 Method and device for processing dynamic token and trigger signal of dynamic token
CN102611556A (en) * 2012-03-31 2012-07-25 飞天诚信科技股份有限公司 Working method of dynamic token

Also Published As

Publication number Publication date
US9413752B2 (en) 2016-08-09
CN102611556B (en) 2014-10-29
US20150304313A1 (en) 2015-10-22
CN102611556A (en) 2012-07-25

Similar Documents

Publication Publication Date Title
WO2013143281A1 (en) One-time password operating method
US9386009B1 (en) Secure identification string
US9075987B2 (en) Methods and computing devices for password verification
US8949955B2 (en) Method and apparatus for mobile time-based UI for VIP
JP5613855B1 (en) User authentication system
US10915656B2 (en) Rollback protection for login security policy
US20170208075A1 (en) Smart Lockout
WO2012159225A1 (en) Dynamic interactive identity authentication method and system
US10069821B2 (en) Operating method for one-time password with updatable seed
US20170255772A1 (en) Electronic device and a screen unlocking method thereof
CN101799857A (en) Password authentication method
JP5833640B2 (en) Method, device, and computer program support for password generation and verification
CN103391195B (en) A kind of method of work of dynamic token
US9781104B2 (en) Working method of dynamic token
CN107862192B (en) Login interface unlocking method and device, computer equipment and storage medium
WO2017113719A1 (en) Remote mobile terminal locking method and system
WO2017166359A1 (en) User domain access method, access device, and mobile terminal
WO2017193517A1 (en) Decryption method and system for terminal
KR101378706B1 (en) A Melody Based Lock and Unlock Method In mobile Terminal
KR20230138766A (en) How to display and control password entry hints
CN111222107A (en) Unlocking method, intelligent terminal and computer readable storage medium
CN114005201A (en) Door lock control method and device, electronic equipment and storage medium
CN116340920B (en) Intelligent wearable equipment coded lock system based on security model
TW451025B (en) Electronic password lock with operation mode of random number input and method thereof
JP2014164672A (en) Authentication device and authentication method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12873233

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 14233245

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12873233

Country of ref document: EP

Kind code of ref document: A1